}
case $hostname {
- chopin,franck,gluck,kaufmann,kassia,klecker,lobos,merikanto,morricone,raff,ravel,ries,rietz,saens,schein,senfl,stabile,steffani,valente,villa,wieck: {
+ chopin,franck,gluck,kaufmann,kassia,klecker,lobos,merikanto,merkel,morricone,raff,ravel,ries,rietz,saens,schein,senfl,stabile,steffani,valente,villa,wieck,wolkenstein: {
include ferm::rsync
}
}
rule => "&SERVICE_RANGE(tcp, http-alt, ( 192.25.206.16 70.103.162.29 217.196.43.134 ))"
}
}
+ danzi: {
+ @ferm::rule { "dsa-postgres-danzi":
+ description => "Allow postgress access",
+ rule => "&SERVICE_RANGE(tcp, 5433, ( 206.12.19.0/24 ))"
+ }
+
+ }
paganini: {
@ferm::rule { "dsa-dhcp":
description => "Allow dhcp access",
proto tcp dport (21 22 80 53 443) ACCEPT;
proto udp dport (53 123) ACCEPT;
proto tcp dport 8140 daddr 82.195.75.104 ACCEPT; # puppethost
- proto tcp dport 5140 daddr 82.195.75.98 ACCEPT; # loghost
+ proto tcp dport 5140 daddr (82.195.75.98 206.12.19.121) ACCEPT; # loghost
proto tcp dport (25 submission) daddr ($HOST_MAILRELAY_V4) ACCEPT
'
}