From 2419b95063ee7bbc99e68a4af55fce7b5248a3b5 Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Thu, 5 Apr 2018 19:49:55 -0700 Subject: [PATCH] firewall/masquerading: configure state and proto Change-Id: I887741d47fcc20169a1e58ad3f0a003716a4521a --- manifests/masquerade_networks.pp | 4 ++++ spec/classes/tripleo_masquerade_networks_spec.rb | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/manifests/masquerade_networks.pp b/manifests/masquerade_networks.pp index 183cb60bd..e1442b5c3 100644 --- a/manifests/masquerade_networks.pp +++ b/manifests/masquerade_networks.pp @@ -33,12 +33,16 @@ class tripleo::masquerade_networks ( 'destination' => $destinations, 'jump' => 'RETURN', 'chain' => 'POSTROUTING', + 'proto' => 'all', + 'state' => ['ESTABLISHED', 'NEW', 'RELATED'], }, "138 routed_network masquerade ${source}" => { 'table' => 'nat', 'source' => $source, 'jump' => 'MASQUERADE', 'chain' => 'POSTROUTING', + 'proto' => 'all', + 'state' => ['ESTABLISHED', 'NEW', 'RELATED'], } }) } diff --git a/spec/classes/tripleo_masquerade_networks_spec.rb b/spec/classes/tripleo_masquerade_networks_spec.rb index 04b86d2c8..72d4c34e6 100644 --- a/spec/classes/tripleo_masquerade_networks_spec.rb +++ b/spec/classes/tripleo_masquerade_networks_spec.rb @@ -40,6 +40,8 @@ describe 'tripleo::masquerade_networks' do :destination => ['192.168.24.0/24', '192.168.25.0/24'], :jump => 'RETURN', :chain => 'POSTROUTING', + :proto => 'all', + :state => ['ESTABLISHED', 'NEW', 'RELATED'], ) end @@ -49,6 +51,8 @@ describe 'tripleo::masquerade_networks' do :source => '192.168.24.0/24', :jump => 'MASQUERADE', :chain => 'POSTROUTING', + :proto => 'all', + :state => ['ESTABLISHED', 'NEW', 'RELATED'], ) end end