From: Silvio Rhatto <rhatto@riseup.net>
Date: Fri, 26 Sep 2014 20:52:17 +0000 (-0300)
Subject: Adding firewall::pppoe
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=2c0b265d9f83af0ce00e47cb799137477efb0006;p=puppet-firewall.git

Adding firewall::pppoe
---

diff --git a/manifests/pppoe.pp b/manifests/pppoe.pp
new file mode 100644
index 0000000..a771d48
--- /dev/null
+++ b/manifests/pppoe.pp
@@ -0,0 +1,26 @@
+class firewall::pppoe(
+  $packages  = false,
+  $local_dev = false,
+) {
+  # Manage pppoe packages, requires nodo module
+  if $packages == true {
+    include nodo::utils::network::pppoe
+  }
+
+  # Define device in the local zone
+  if $local_dev == true{
+    shorewall::interface { "eth0":
+     zone    => 'loc',
+     rfc1918 => false,
+     options => 'tcpflags,blacklist,routefilter,nosmurfs,logmartians',
+    }
+  }
+
+  # See http://shorewall.net/two-interface.htm
+  augeas { 'clampmss':
+    changes => 'set /files/etc/shorewall/shorewall.conf/CLAMPMSS Yes',
+    lens    => 'Shellvars.lns',
+    incl    => '/etc/shorewall/shorewall.conf',
+    notify  => Service[shorewall];
+  }
+}