Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- node default {
- #
- # Firewall
- #
- class { 'firewall': }
- resources { "firewall": }
- firewallchain { 'INPUT:filter:IPv4':
- purge => true,
- }
- firewallchain { 'FORWARD:filter:IPv4':
- purge => true,
- }
- firewall { '001 INPUT accept all on lo':
- proto => "all",
- action => 'accept',
- chain => "INPUT",
- iniface => 'lo',
- }
- firewall { '200 allow ssh from outside':
- iniface => "eth0",
- proto => "tcp",
- dport => "22",
- action => 'accept',
- chain => "INPUT",
- }
- firewall { '201 allow http from outside':
- iniface => "eth0",
- proto => "tcp",
- dport => [80, 81],
- action => 'accept',
- chain => "INPUT",
- }
- #firewall { '202 allow http81 from outside':
- # iniface => "eth0",
- # proto => "tcp",
- # dport => "81",
- # action => 'accept',
- # chain => "INPUT",
- #}
- firewall { '299 default deny from outside':
- iniface => "eth1",
- proto => "all",
- action => 'drop',
- chain => "INPUT",
- }
- #
- # ntp
- #
- include ntp
- class { 'ntp':
- servers => [ '0.ch.pool.ntp.org', '1.ch.pool.ntp.org', '2.ch.pool.ntp.org', '3.ch.pool.ntp.org' ],
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement