add dns and finger rules for draghi

[mirror/dsa-puppet.git] / modules / ferm / manifests / per-host.pp

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 2a29a17..4ed687f 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -82,5 +82,17 @@ class ferm::per-host {
                    rule            => "&SERVICE(tcp, 25)"
            }
         }
+       draghi: {
+            @ferm::rule { "dsa-bind":
+                    domain          => "(ip ip6)",
+                    description     => "Allow nameserver access",
+                    rule            => "&TCP_UDP_SERVICE(53)"
+            }
+            @ferm::rule { "dsa-finger":
+                    domain          => "(ip ip6)",
+                    description     => "Allow finger access",
+                    rule            => "&SERVICE(tcp, 79)"
+           }
+        }
     }
 }