try to start breaking up firewall rules into something not quite as messy

[mirror/dsa-puppet.git] / modules / ferm / manifests / zivit.pp

diff --git a/modules/ferm/manifests/zivit.pp b/modules/ferm/manifests/zivit.pp
new file mode 100644 (file)
index 0000000..e392b3f
--- /dev/null
+++ b/modules/ferm/manifests/zivit.pp
@@ -0,0 +1,15 @@
+class ferm::zivit {
+    @ferm::rule { "dsa-zivit-rrdcollect":
+        description  => "port 6666 for rrdcollect for zivit",
+        rule         => "&SERVICE_RANGE(tcp, 6666, ( 10.130.18.71 ))"
+    }
+    @ferm::rule { "dsa-zivit-zabbix":
+        description  => "port 10050 for zabbix for zivit",
+        rule         => "&SERVICE_RANGE(tcp, 10050, ( 10.130.18.76 ))"
+    }
+    @ferm::rule { "dsa-time":
+        description     => "Allow time access",
+        rule            => "&SERVICE_RANGE(tcp, time, \$HOST_NAGIOS_V4)"
+    }
+}
+