| EOF
tag => $bacula::tag_bacula_dsa_client_list,
}
+
+ # allow access from director
+ Ferm::Rule::Simple <<| tag == 'bacula::director-to-fd' |>> {
+ port => $bacula::bacula_client_port
+ }
} elsif $ensure == 'absent' {
file { '/etc/bacula':
ensure => absent,
ensure => absent,
}
}
-
- ferm::rule { 'dsa-bacula-fd':
- domain => '(ip ip6)',
- description => 'Allow bacula access from storage and director',
- rule => "proto tcp mod state state (NEW) dport (${bacula::bacula_client_port}) saddr (${bacula::bacula_director_ip_addrs}) ACCEPT",
- }
}