+# our primary nameserver
+#
+# it will not, by default, open the firewall for requests.
class named::primary inherits named::authoritative {
include dnsextras::entries
- ferm::rule { '01-dsa-bind-4':
- domain => '(ip ip6)',
- description => 'Allow nameserver access',
- rule => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_GEO $HOST_NAGIOS $HOST_RCODE0 $HOST_EASYDNS $HOST_NETNOD ) )',
- }
- Ferm::Rule::Simple <<| tag == 'named::primary::ferm' |>>
-
concat::fragment { 'dsa-named-conf-puppet-misc---local-shared-keys':
target => '/etc/bind/named.conf.puppet-misc',
order => '020',