Permalink
Browse files

allow a mask for ports

  • Loading branch information...
1 parent 945d26c commit 2263dbd8ebe92e3d99eea418c196848bff1e608a @phunehehe committed Sep 24, 2012
Showing with 3 additions and 2 deletions.
  1. +1 −1 erlang
  2. +1 −0 shorewall/attributes/default.rb
  3. +1 −1 shorewall/templates/default/rules.erb
2 erlang
Submodule erlang updated 1 files
+1 −1 recipes/default.rb
@@ -3,4 +3,5 @@
80,
443,
]
+default[:shorewall][:blocked_ports] = []
default[:shorewall][:allowed_hosts] = []
@@ -4,7 +4,7 @@
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/
# PORT PORT(S) DEST LIMIT GROUP
-<% node[:shorewall][:allowed_ports].each do |port| -%>
+<% (node[:shorewall][:allowed_ports] - node[:shorewall][:blocked_ports]).each do |port| -%>
ACCEPT net $FW tcp <%= port %>
<% end -%>

0 comments on commit 2263dbd

Please sign in to comment.