Switch nrpe firewalling to store/collect

[mirror/dsa-puppet.git] / modules / nagios / manifests / client.pp

diff --git a/modules/nagios/manifests/client.pp b/modules/nagios/manifests/client.pp
index 710378c..a2a7c24 100644 (file)
--- a/modules/nagios/manifests/client.pp
+++ b/modules/nagios/manifests/client.pp
@@ -13,17 +13,7 @@ class nagios::client inherits nagios {
     pattern   => 'nrpe',
   }
 
-  ferm::rule { 'dsa-nagios-v4':
-    description => 'Allow nrpe from nagios master',
-    rule        => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V4) ACCEPT; }',
-    notarule    => true,
-  }
-  ferm::rule { 'dsa-nagios-v6':
-    description => 'Allow nrpe from nagios master',
-    domain      => 'ip6',
-    rule        => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V6) ACCEPT; }',
-    notarule    => true,
-  }
+  Ferm::Rule::Simple <<| tag == 'nagios-nrpe::server' |>>
 
   file { '/etc/default/nagios-nrpe-server':
     source  => 'puppet:///modules/nagios/common/default',