From: Grant Slater <git@firefishy.com>
Date: Fri, 14 Dec 2018 18:10:12 +0000 (+0000)
Subject: Add helper support to firewall_rule
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/a81d3cdabca3b55a19b2bcc4c2cf5a1dd30071b4

Add helper support to firewall_rule
---

diff --git a/cookbooks/networking/definitions/firewall_rule.rb b/cookbooks/networking/definitions/firewall_rule.rb
index 09a28af79..9dc591a53 100644
--- a/cookbooks/networking/definitions/firewall_rule.rb
+++ b/cookbooks/networking/definitions/firewall_rule.rb
@@ -26,7 +26,8 @@ define :firewall_rule, :action => :accept do
     :dest_ports => params[:dest_ports] || "-",
     :source_ports => params[:source_ports] || "-",
     :rate_limit => params[:rate_limit] || "-",
-    :connection_limit => params[:connection_limit] || "-"
+    :connection_limit => params[:connection_limit] || "-",
+    :helper => params[:helper] || "-"
   ]
 
   if params[:family].nil?
diff --git a/cookbooks/networking/templates/default/shorewall-rules.erb b/cookbooks/networking/templates/default/shorewall-rules.erb
index 0b13f7ba0..660eec130 100644
--- a/cookbooks/networking/templates/default/shorewall-rules.erb
+++ b/cookbooks/networking/templates/default/shorewall-rules.erb
@@ -6,8 +6,8 @@
 SECTION NEW
 <% end -%>
 
-# ACTION	SOURCE	DEST	PROTO		DEST		SOURCE	ORIGINAL	RATE	USER	MARK	CONNLIMIT
-#						PORTS		PORTS	DEST		LIMIT
+# ACTION       SOURCE    DEST  PROTO           DEST            SOURCE  ORIGINAL        RATE    USER/   MARK    CONNLIMIT  TIME  HEADERS  SWITCH  HELPER
+#                                              PORTS           PORTS   DEST            LIMIT   GROUP
 <% node[:networking][:firewall][@family].each do |r| # ~FC034 -%>
-<%= r[:action] %>		<%= r[:source] %>	<%= r[:dest] %>	<%= r[:proto] %>		<%= r[:dest_ports] %>	<%= r[:source_ports] %>	-	<%= r[:rate_limit] %>	-	-	<%= r[:connection_limit] %>
+<%= r[:action] %>		<%= r[:source] %>	<%= r[:dest] %>	<%= r[:proto] %>		<%= r[:dest_ports] %>	<%= r[:source_ports] %>	-	<%= r[:rate_limit] %>	-	-	<%= r[:connection_limit] %> -	-	- <%= r[:helper] %>
 <% end -%>