From d55b767b917b32458126f2049c1b51f3c0ccdee5 Mon Sep 17 00:00:00 2001
From: David Bezuidenhout
Date: Tue, 19 Jan 2016 17:31:29 +0200
Subject: [PATCH] [remove] clean-up some code, mostly code commented out

---
 .gitignore | 1 +
 firewalld/_zone.sls | 100 --------------------------------------------
 pillar.example.sls | 27 +----------
 3 files changed, 2 insertions(+), 126 deletions(-)

diff --git a/.gitignore b/.gitignore
index aaed21e..302fe24 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ metadata.json
 *.idea
 *.swp
 *.tmp
+/.project
diff --git a/firewalld/_zone.sls b/firewalld/_zone.sls
index 4ee8d8f..fa1097b 100644
--- a/firewalld/_zone.sls
+++ b/firewalld/_zone.sls
@@ -38,103 +38,3 @@ zone: {{ v }}
 {% endfor %}
 
 
-
-
-
-# === Parameters
-#
-# [*target*] can be one of {'ACCEPT', '%%REJECT%%', 'DROP'}.
-# Used to accept, reject or drop every packet that
-# doesn't match any rule (port, service, etc.).
-# Default (when target is not specified) is reject.
-# [*short*] short readable name
-# [*description*] long description of zone
-# [*interfaces*] list of interfaces to bind to a zone
-# [*sources*] list of source addresses or source address
-# ranges ("address/mask") to bind to a zone
-# [*ports*]
-# list of ports to open
-# ports => [{
-# comment => optional, string
-# port => mandatory, string, e.g. '1234'
-# protocol => mandatory, string, e.g. 'tcp' },...]
-# [*services*] list of predefined firewalld services
-# [*icmp_blocks*] list of predefined icmp-types to block
-# [*masquerade*] enable masquerading ?
-# [*forward_ports*]
-# list of ports to forward to other port and/or machine
-# forward_ports => [{
-# comment => optional, string
-# portid => mandatory, string, e.g. '123'
-# protocol => mandatory, string, e.g. 'tcp'
-# to_port => mandatory to specify either to_port or/and to_addr
-# to_addr => mandatory to specify either to_port or/and to_addr },...]
-# [*rich_rules*]
-# list of rich language rules (firewalld.richlanguage(5))
-# You have to specify one (and only one)
-# of {service, port, protocol, icmp_block, masquerade, forward_port}
-# and one (and only one) of {accept, reject, drop}
-# family - 'ipv4' or 'ipv6', optional, see Rule in firewalld.richlanguage(5)
-# source => { optional, see Source in firewalld.richlanguage(5)
-# address => mandatory, string, e.g. '192.168.1.0/24'
-# invert => optional, bool, e.g. true }
-# destination => { optional, see Destination in firewalld.richlanguage(5)
-# address => mandatory, string
-# invert => optional, bool, e.g. true }
-# service - string, see Service in firewalld.richlanguage(5)
-# port => { see Port in firewalld.richlanguage(5)
-# portid => mandatory
-# protocol => mandatory }
-# protocol - string, see Protocol in firewalld.richlanguage(5)
-# icmp_block - string, see ICMP-Block in firewalld.richlanguage(5)
-# masquerade - bool, see Masquerade in firewalld.richlanguage(5)
-# forward_port => { see Forward-Port in firewalld.richlanguage(5)
-# portid => mandatory
-# protocol => mandatory
-# to_port => mandatory to specify either to_port or/and to_addr
-# to_addr => mandatory to specify either to_port or/and to_addr }
-# log => { see Log in firewalld.richlanguage(5)
-# prefix => string, optional
-# level => string, optional
-# limit => string, optional }
-# audit => { see Audit in firewalld.richlanguage(5)
-# limit => string, optional }
-# accept - any value, e.g. true, see Action in firewalld.richlanguage(5)
-# reject => { see Action in firewalld.richlanguage(5)
-# type => string, optional }
-# drop - any value, e.g. true, see Action in firewalld.richlanguage(5)
-#
-# === Examples
-#
-# firewalld::zone { "custom":
-# description => "This is an example zone",
-# services => ["ssh", "dhcpv6-client"],
-# ports => [{
-# comment => "for our dummy service",
-# port => "1234",
-# protocol => "tcp",},],
-# masquerade => true,
-# forward_ports => [{
-# comment => 'forward 123 to other machine',
-# portid => '123',
-# protocol => 'tcp',
-# to_port => '321',
-# to_addr => '1.2.3.4',},],
-# rich_rules => [{
-# family => 'ipv4',
-# source => {
-# address => '192.168.1.0/24',
-# invert => true,},
-# port => {
-# portid => '123-321',
-# protocol => 'udp',},
-# log => {
-# prefix => 'local',
-# level => 'notice',
-# limit => '3/s',},
-# audit => {
-# limit => '2/h',},
-# reject => {
-# type => 'icmp-host-prohibited',},
-# },],}
-#
diff --git a/pillar.example.sls b/pillar.example.sls
index 61e4915..9d649d9 100644
--- a/pillar.example.sls
+++ b/pillar.example.sls
@@ -28,29 +28,4 @@ firewalld:
 - https
 - ssh
 - dhcpv6-client
-# ports:
-# - comment: For our dummy service
-# port: 1234
-# protocol: tcp
-# forward_ports:
-# - comment: forward 123 to other machine
-# portid: 123
-# protocol: tcp
-# to_port: 321
-# to_addr: 1.2.3.4
-# rich_rules:
-# - family: ipv4
-# source:
-# address: 192.168.1.0/24
-# invert: true
-# port:
-# portid: 123-321
-# protocol: udp
-# log:
-# prefix: local
-# level: notice
-# limit: 3/s
-# audit:
-# limit: 2/h
-# reject:
-# type: icmp-host-prohibited
+