projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add migration ferm rules to the ganeti module
[mirror/dsa-puppet.git]
/
modules
/
ferm
/
manifests
/
per-host.pp
diff --git
a/modules/ferm/manifests/per-host.pp
b/modules/ferm/manifests/per-host.pp
index
2756e59
..
27c5e3a
100644
(file)
--- a/
modules/ferm/manifests/per-host.pp
+++ b/
modules/ferm/manifests/per-host.pp
@@
-28,9
+28,13
@@
class ferm::per-host {
rule => '&SERVICE_RANGE(tcp, 5437, ( 206.12.19.0/24 ))'
}
@ferm::rule { 'dsa-postgres3-danzi':
rule => '&SERVICE_RANGE(tcp, 5437, ( 206.12.19.0/24 ))'
}
@ferm::rule { 'dsa-postgres3-danzi':
- description => 'Allow postgress access
2
',
+ description => 'Allow postgress access
3
',
rule => '&SERVICE_RANGE(tcp, 5436, ( 206.12.19.0/24 ))'
}
rule => '&SERVICE_RANGE(tcp, 5436, ( 206.12.19.0/24 ))'
}
+ @ferm::rule { 'dsa-postgres4-danzi':
+ description => 'Allow postgress access4',
+ rule => '&SERVICE_RANGE(tcp, 5438, ( 206.12.19.0/24 ))'
+ }
}
abel,alwyn,rietz: {
@ferm::rule { 'dsa-tftp':
}
abel,alwyn,rietz: {
@ferm::rule { 'dsa-tftp':
@@
-224,5
+228,4
@@
REJECT reject-with icmp-admin-prohibited
}
default: {}
}
}
default: {}
}
-
}
}