projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
do not use role-based ssh restrict
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
bgp.pp
diff --git
a/modules/roles/manifests/bgp.pp
b/modules/roles/manifests/bgp.pp
index
fa0fec2
..
9e1cdf5
100644
(file)
--- a/
modules/roles/manifests/bgp.pp
+++ b/
modules/roles/manifests/bgp.pp
@@
-1,6
+1,5
@@
class roles::bgp {
$bgp_peers = $::hostname ? {
class roles::bgp {
$bgp_peers = $::hostname ? {
- mirror-conova => '2a02:16a8:5404:199::25/128 217.196.157.53/32',
mirror-accumu => '2001:6b0:1e:2::1c6/128 130.242.6.198/32',
mirror-skroutz => '2a03:e40:42:200::151:1/128 2a03:e40:42:200::151:2/128 154.57.0.249/32 154.57.0.250',
default => undef,
mirror-accumu => '2001:6b0:1e:2::1c6/128 130.242.6.198/32',
mirror-skroutz => '2a03:e40:42:200::151:1/128 2a03:e40:42:200::151:2/128 154.57.0.249/32 154.57.0.250',
default => undef,
@@
-10,7
+9,7
@@
class roles::bgp {
fail("Do not have bgp_peers set for $::hostname.")
}
fail("Do not have bgp_peers set for $::hostname.")
}
-
@
ferm::rule { 'dsa-bgp':
+ ferm::rule { 'dsa-bgp':
description => 'Allow BGP from peers',
domain => '(ip ip6)',
rule => "&SERVICE_RANGE(tcp, bgp, ($bgp_peers))"
description => 'Allow BGP from peers',
domain => '(ip ip6)',
rule => "&SERVICE_RANGE(tcp, bgp, ($bgp_peers))"