- case $hostname {
- piatti: {
- @ferm::rule { "dsa-udd-stunnel":
- description => "port 8080 for udd stunnel",
- rule => "&SERVICE_RANGE(tcp, http-alt, ( 192.25.206.16 70.103.162.29 217.196.43.134 ))"
- }
- }
- senfl: {
- @ferm::rule { "dsa-rsync":
- domain => "(ip ip6)",
- description => "Allow rsync access",
- rule => "&SERVICE(tcp, 873)"
- }
- }
- saens,villa,lobos,raff,gluck,schein,wieck,steffani: {
- @ferm::rule { "dsa-ftp":
- domain => "(ip ip6)",
- description => "Allow ftp access",
- rule => "&SERVICE(tcp, 21)"
- }
- @ferm::rule { "dsa-rsync":
- domain => "(ip ip6)",
- description => "Allow rsync access",
- rule => "&SERVICE(tcp, 873)"
- }
- }
- ancina,zelenka {
- @ferm::rule { "dsa-time":
- description => "Allow time access",
- rule => "&SERVICE(udp, time, $HOST_NAGIOS_V4)"
- }
+ case getfromhash($nodeinfo, 'squeeze') {
+ true: { include unbound }
+ }
+ include resolv
+
+ case $kernel {
+ Linux: {
+ include ferm
+ include ferm::per-host
+ case $rsyncd {
+ "true": { include ferm::rsync }
+ }