ignore bind stuff on geo servers as well

[mirror/dsa-puppet.git] / modules / ferm / manifests / init.pp

diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index 45d14d4..b228e69 100644 (file)
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -1,5 +1,5 @@
 class ferm {
-    define rule($domain="ip", $chain="INPUT", $rule, $description="", $prio="00") {
+    define rule($domain="ip", $table="filter", $chain="INPUT", $rule, $description="", $prio="00") {
         file {
             "/etc/ferm/dsa.d/${prio}_${name}":
                 ensure  => present,
@@ -17,7 +17,6 @@ class ferm {
     package {
             ferm: ensure => installed;
             ulogd: ensure => installed;
-            logrotate: ensure => installed;
     }
 
     file {
@@ -28,6 +27,9 @@ class ferm {
             recurse => true,
             source  => "puppet:///files/empty/",
             require => Package["ferm"];
+        "/etc/ferm":
+            ensure  => directory,
+            mode    => 0755;
         "/etc/ferm/conf.d":
             ensure => directory,
             require => Package["ferm"];