+ stunnel_generic {
+ "${name}":
+ client => false,
+ verify => 2,
+ cafile => "/etc/exim4/ssl/ca.crt",
+ crlfile => "/etc/exim4/ssl/crl.crt",
+ accept => "${accept}",
+ connect => "${connect}",
+ ;
+ }
+ @ferm::rule {
+ "stunnel-${name}":
+ description => "stunnel ${name}",
+ rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V4)",
+ ;
+ "stunnel-${name}-v6":
+ domain => 'ip6',
+ description => "stunnel ${name}",
+ rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V6)",
+ ;
+ }
+ }
+ define stunnel_client($accept, $connecthost, $connectport) {