X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/b5b025beaf095afbe4b53005c6f308e44c4af3eb..9465adbe4321012051bf7c31405620949a11119c:/cookbooks/networking/templates/default/shorewall.conf.erb

diff --git a/cookbooks/networking/templates/default/shorewall.conf.erb b/cookbooks/networking/templates/default/shorewall.conf.erb
index 8720866d2..290c73fb6 100644
--- a/cookbooks/networking/templates/default/shorewall.conf.erb
+++ b/cookbooks/networking/templates/default/shorewall.conf.erb
@@ -28,7 +28,11 @@ FIREWALL=
 #			       L O G G I N G
 ###############################################################################
 
+<% if node[:networking][:firewall][:log] -%>
 LOG_LEVEL="info"
+<% else -%>
+LOG_LEVEL="none"
+<% end -%>
 
 BLACKLIST_LOG_LEVEL=
 
@@ -142,7 +146,11 @@ BALANCE_PROVIDERS=No
 
 BASIC_FILTERS=No
 
+<% if node[:networking][:firewall][:raw] -%>
 BLACKLIST="NEW,INVALID,UNTRACKED"
+<% else -%>
+BLACKLIST="NEW,INVALID"
+<% end -%>
 
 CLAMPMSS=No
 
@@ -230,7 +238,11 @@ SAVE_ARPTABLES=No
 
 SAVE_IPSETS=No
 
+<% if node[:networking][:firewall][:mangle] -%>
 TC_ENABLED=Internal
+<% else -%>
+TC_ENABLED=No
+<% end -%>
 
 TC_EXPERT=No