From: o <o@immerda.ch>
Date: Mon, 25 Apr 2011 23:13:58 +0000 (+0200)
Subject: added ipsec rule
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=e27f9a83ed912eeef399878e7a8a3c77035b53de;p=puppet-shorewall.git

added ipsec rule
---

diff --git a/manifests/rules/ipsec.pp b/manifests/rules/ipsec.pp
new file mode 100644
index 0000000..c609d0a
--- /dev/null
+++ b/manifests/rules/ipsec.pp
@@ -0,0 +1,18 @@
+class shorewall::rules::ipsec {
+    shorewall::rule { 'net-me-ipsec-udp':
+        source          => 'net',
+        destination     => '$FW',
+        proto           => 'udp',
+        destinationport => '500',
+        order           => 240,
+        action          => 'ACCEPT';
+    }
+    shorewall::rule { 'me-net-ipsec-udp':
+        source          => '$FW',
+        destination     => 'net',
+        proto           => 'udp',
+        destinationport => '500',
+        order           => 240,
+        action          => 'ACCEPT';
+    }
+}