2 define rule($domain="ip", $chain="INPUT", $rule, $description="", $prio="00") {
3 file { "/etc/ferm/dsa.d/${prio}_${name}":
8 content => template("ferm/ferm-rule.erb"),
12 package { ferm: ensure => installed }
17 require => Package["ferm"];
20 require => Package["ferm"];
21 "/etc/ferm/ferm.conf":
22 source => "puppet:///ferm/ferm.conf",
23 require => Package["ferm"],
24 notify => Exec["ferm restart"];
25 "/etc/ferm/conf.d/me.conf":
26 content => template("ferm/me.conf.erb"),
27 require => Package["ferm"],
28 notify => Exec["ferm restart"];
31 ferm::rule { "dsa-ssh":
32 description => "Allow SSH from DSA",
33 rule => "proto tcp dport ssh ACCEPT"
36 exec { "ferm restart":
37 path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",