projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Only switch FTP conntrack to explicit CT target for stretch hosts
[mirror/dsa-puppet.git]
/
modules
/
ferm
/
manifests
/
per_host.pp
diff --git
a/modules/ferm/manifests/per_host.pp
b/modules/ferm/manifests/per_host.pp
index
8fd0d07
..
f736213
100644
(file)
--- a/
modules/ferm/manifests/per_host.pp
+++ b/
modules/ferm/manifests/per_host.pp
@@
-225,12
+225,12
@@
class ferm::per_host {
@ferm::rule { 'dsa-postgres-bacula':
# dinis
description => 'Allow postgress access1',
@ferm::rule { 'dsa-postgres-bacula':
# dinis
description => 'Allow postgress access1',
- rule => '&SERVICE_RANGE(tcp, 5437, ( 5.153.231.19/32 ))'
+ rule => '&SERVICE_RANGE(tcp, 5437, ( 5.153.231.19/32
93.94.130.161/32
))'
}
@ferm::rule { 'dsa-postgres-bacula6':
domain => 'ip6',
description => 'Allow postgress access1',
}
@ferm::rule { 'dsa-postgres-bacula6':
domain => 'ip6',
description => 'Allow postgress access1',
- rule => '&SERVICE_RANGE(tcp, 5437, ( 2001:41c8:1000:21::21:19/128 ))'
+ rule => '&SERVICE_RANGE(tcp, 5437, ( 2001:41c8:1000:21::21:19/128
2a02:158:380:280::161/128
))'
}
@ferm::rule { 'dsa-postgres-backup':
}
@ferm::rule { 'dsa-postgres-backup':