}
}
case $hostname {
- franck,gluck,kaufmann,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: {
+ franck,gluck,kaufmann,kassia,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: {
include ferm::rsync
}
}
case $hostname {
- saens,villa,lobos,raff,gluck,schein,wieck,steffani,ries,rietz,franck,morricone,valente,klecker: {
+ chopin,franck,gluck,kassia,klecker,lobos,morricone,ravel,raff,ries,rietz,saens,schein,steffani,valente,villa,wieck: {
include ferm::ftp
}
}
case $hostname {
- piatti: {
+ piatti,samosa: {
@ferm::rule { "dsa-udd-stunnel":
description => "port 8080 for udd stunnel",
rule => "&SERVICE_RANGE(tcp, http-alt, ( 192.25.206.16 70.103.162.29 217.196.43.134 ))"
}
}
+ paganini: {
+ @ferm::rule { "dsa-dhcp":
+ description => "Allow dhcp access",
+ rule => "&SERVICE(udp, 67)"
+ }
+ @ferm::rule { "dsa-tftp":
+ description => "Allow tftp access",
+ rule => "&SERVICE(udp, 69)"
+ }
+ }
handel: {
@ferm::rule { "dsa-puppet":
description => "Allow puppet access",
rule => "&SERVICE(tcp, 25)"
}
}
+ draghi: {
+ @ferm::rule { "dsa-bind":
+ domain => "(ip ip6)",
+ description => "Allow nameserver access",
+ rule => "&TCP_UDP_SERVICE(53)"
+ }
+ @ferm::rule { "dsa-finger":
+ domain => "(ip ip6)",
+ description => "Allow finger access",
+ rule => "&SERVICE(tcp, 79)"
+ }
+ @ferm::rule { "dsa-ldap":
+ domain => "(ip ip6)",
+ description => "Allow ldap access",
+ rule => "&SERVICE(tcp, 389)"
+ }
+ @ferm::rule { "dsa-ldaps":
+ domain => "(ip ip6)",
+ description => "Allow ldaps access",
+ rule => "&SERVICE(tcp, 636)"
+ }
+ }
}
}