owner "root"
group "root"
mode 0644
- notifies :run, resources(:execute => "hostname")
+ notifies :run, "execute[hostname]"
end
template "/etc/hosts" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
template "/etc/shorewall/shorewall.conf" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
template "/etc/shorewall/zones" do
group "root"
mode 0644
variables :type => "ipv4"
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
template "/etc/shorewall/interfaces" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
template "/etc/shorewall/hosts" do
group "root"
mode 0644
variables :zones => zones
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
template "/etc/shorewall/policy" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
template "/etc/shorewall/rules" do
owner "root"
group "root"
mode 0644
- variables :family => "inet", :rules => []
- notifies :restart, resources(:service => "shorewall")
+ variables :rules => []
+ notifies :restart, "service[shorewall]"
end
firewall_rule "limit-icmp-echo" do
dest "fw"
proto "icmp"
dest_ports "echo-request"
- if node[:lsb][:release].to_f >= 10.04
- rate_limit "s:1/sec:5"
- else
- rate_limit "1/sec:5"
- end
+ rate_limit "s:1/sec:5"
end
[ "ucl", "ic", "bm" ].each do |zone|
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
else
file "/etc/shorewall/masq" do
action :delete
- notifies :restart, resources(:service => "shorewall")
+ notifies :restart, "service[shorewall]"
end
end
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall6")
+ notifies :restart, "service[shorewall6]"
end
template "/etc/shorewall6/shorewall6.conf" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall6")
+ notifies :restart, "service[shorewall6]"
end
template "/etc/shorewall6/zones" do
group "root"
mode 0644
variables :type => "ipv6"
- notifies :restart, resources(:service => "shorewall6")
+ notifies :restart, "service[shorewall6]"
end
template "/etc/shorewall6/interfaces" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall6")
+ notifies :restart, "service[shorewall6]"
end
template "/etc/shorewall6/hosts" do
group "root"
mode 0644
variables :zones => zones
- notifies :restart, resources(:service => "shorewall6")
+ notifies :restart, "service[shorewall6]"
end
template "/etc/shorewall6/policy" do
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "shorewall6")
+ notifies :restart, "service[shorewall6]"
end
template "/etc/shorewall6/rules" do
owner "root"
group "root"
mode 0644
- variables :family => "inet6", :rules => []
- notifies :restart, resources(:service => "shorewall6")
+ variables :rules => []
+ notifies :restart, "service[shorewall6]"
end
firewall_rule "limit-icmp6-echo" do
dest "fw"
proto "ipv6-icmp"
dest_ports "echo-request"
- if node[:lsb][:release].to_f >= 10.04
- rate_limit "s:1/sec:5"
- else
- rate_limit "1/sec:5"
- end
+ rate_limit "s:1/sec:5"
end
end