X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fftp_conntrack.pp;h=d64d40956c3f918676c69f5330a5473bc5759da1;hb=2ca340df04500fd2887bf401502e8b3d17598e35;hp=87e1b0c8bdddadec2afe89bbde8e89516dda68af;hpb=1a3c2dd5f3bf902cc217fa405057cb9c5d0f165d;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/manifests/ftp_conntrack.pp b/modules/ferm/manifests/ftp_conntrack.pp
index 87e1b0c8b..d64d40956 100644
--- a/modules/ferm/manifests/ftp_conntrack.pp
+++ b/modules/ferm/manifests/ftp_conntrack.pp
@@ -1,24 +1,19 @@
 class ferm::ftp_conntrack {
-	# This also works for jessie hosts, but requires a reboot
-	if (versioncmp($::lsbmajdistrelease, '9') >= 0) {
-		# Allow non-passive connections to an FTP server
-		ferm::rule { 'dsa-ftp-conntrack-client':
-			domain      => '(ip ip6)',
-			description => 'ftp client connection tracking',
-			table       => 'raw',
-			chain       => 'OUTPUT',
-			rule        => 'proto tcp dport 21 CT helper ftp'
-		}
+	# Allow non-passive connections to an FTP server
+	ferm::rule { 'dsa-ftp-conntrack-client':
+		domain      => '(ip ip6)',
+		description => 'ftp client connection tracking',
+		table       => 'raw',
+		chain       => 'OUTPUT',
+		rule        => 'proto tcp dport 21 CT helper ftp'
+	}
 
-		# Allow passive connections from an FTP client
-		ferm::rule { 'dsa-ftp-conntrack-server':
-			domain      => '(ip ip6)',
-			description => 'ftp server connection tracking',
-			table       => 'raw',
-			chain       => 'PREROUTING',
-			rule        => 'proto tcp dport 21 CT helper ftp'
-		}
-	} else {
-		ferm::module { 'nf_conntrack_ftp': }
+	# Allow passive connections from an FTP client
+	ferm::rule { 'dsa-ftp-conntrack-server':
+		domain      => '(ip ip6)',
+		description => 'ftp server connection tracking',
+		table       => 'raw',
+		chain       => 'PREROUTING',
+		rule        => 'proto tcp dport 21 CT helper ftp'
 	}
 }