X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fferm%2Fmanifests%2Finit.pp;h=75b8f55d12fc212cd6567d0932a75ef02df3d90a;hb=bf8fb059cf46f8c8a74b55b970b97038925dc75b;hp=5bedd6c9f37b45945c590aed42ad4889923cd133;hpb=4b22086f6f79221555bcaab12b4553ae232b8f9d;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index 5bedd6c9f..75b8f55d1 100644
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -35,7 +35,12 @@ class ferm {
 
         ferm::rule { "dsa-ssh":
                 description     => "Allow SSH from DSA",
-                rule            => "domain (ip ip6) proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_SOURCES) ACCEPT; }"
+                rule            => "proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_SOURCES) ACCEPT; }"
+        }
+        ferm::rule { "dsa-ssh-v6":
+                description     => "Allow SSH from DSA",
+                domain          => "ip6",
+                rule            => "proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_V6_SOURCES) ACCEPT; }"
         }
 
         exec { "ferm restart":