X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=e2cb9900e487a07b2833117333855103db000996;hb=9f3732a99e73861c4cd935df754701eda2e9af2a;hp=b494c2a941a4e8244d6f27dec59ac01cc8bd2096;hpb=e63c8f520153204ce1bee4f4aca2b6eb0308a3f0;p=mirror%2Fdsa-puppet.git
diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index b494c2a94..e2cb9900e 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -6,25 +6,35 @@ class ferm::per-host {
 }
 }
 case $hostname {
- franck,gluck,kaufmann,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: {
+ franck,gluck,kaufmann,kassia,klecker,lobos,morricone,raff,ravel,ries,rietz,saens,schein,senfl,stabile,steffani,valente,villa,wieck: {
 include ferm::rsync
 }
 }
 case $hostname {
- saens,villa,lobos,raff,gluck,schein,wieck,steffani,ries,rietz,franck,morricone,valente,klecker: {
+ chopin,franck,gluck,kassia,klecker,lobos,morricone,ravel,raff,ries,rietz,saens,schein,steffani,valente,villa,wieck: {
 include ferm::ftp
 }
 }
 case $hostname {
- piatti: {
+ piatti,samosa: {
 @ferm::rule { "dsa-udd-stunnel":
 description => "port 8080 for udd stunnel",
 rule => "&SERVICE_RANGE(tcp, http-alt, ( 192.25.206.16 70.103.162.29 217.196.43.134 ))"
 }
 }
+ paganini: {
+ @ferm::rule { "dsa-dhcp":
+ description => "Allow dhcp access",
+ rule => "&SERVICE(udp, 67)"
+ }
+ @ferm::rule { "dsa-tftp":
+ description => "Allow tftp access",
+ rule => "&SERVICE(udp, 69)"
+ }
+ }
 handel: {
 @ferm::rule { "dsa-puppet":
 description => "Allow puppet access",
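Review bot: The new `dsa-tftp` and `dsa-dhcp` rules for paganini use `&SERVICE(udp, 69)` and `&SERVICE(udp, 67)` with no source restriction, while the neighbouring `dsa-udd-stunnel` rule limits its port to named peers through `&SERVICE_RANGE`. TFTP has no authentication, so if `&SERVICE` accepts from any address (its definition is not visible here), whatever the TFTP root serves is readable from every network that can reach the host. Consider limiting both rules to the network being provisioned, e.g. `rule => "&SERVICE_RANGE(udp, 69, ( <INSTALL_NET_PLACEHOLDER> ))"`, or add a `#` comment above the rules stating why open access is intended. The enclosing `case $hostname` block continues past the end of the hunk.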
@@ -82,5 +92,27 @@ class ferm::per-host {
 rule => "&SERVICE(tcp, 25)"
 }
 }
+ draghi: {
+ @ferm::rule { "dsa-bind":
+ domain => "(ip ip6)",
+ description => "Allow nameserver access",
+ rule => "&TCP_UDP_SERVICE(53)"
+ }
+ @ferm::rule { "dsa-finger":
+ domain => "(ip ip6)",
+ description => "Allow finger access",
+ rule => "&SERVICE(tcp, 79)"
+ }
+ @ferm::rule { "dsa-ldap":
+ domain => "(ip ip6)",
+ description => "Allow ldap access",
+ rule => "&SERVICE(tcp, 389)"
+ }
+ @ferm::rule { "dsa-ldaps":
+ domain => "(ip ip6)",
+ description => "Allow ldaps access",
+ rule => "&SERVICE(tcp, 636)"
+ }
+ }
 }
 }
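Review bot: The `dsa-ldap` rule on draghi opens tcp 389 for both `ip` and `ip6` with no source restriction, and nothing in the rule or its description records whether cleartext binds are refused on that port. If the directory is meant to be publicly readable, a comment above the rule such as `# public directory: anonymous read only; authenticated binds must use StartTLS or ldaps` would make that an explicit decision; otherwise restrict 389 with `&SERVICE_RANGE(tcp, 389, ( <TRUSTED_NETS_PLACEHOLDER> ))` and leave only 636 open. The same question applies to `dsa-finger` (tcp 79), which presumably exposes account information to any source. The enclosing `case` and class bodies start outside the hunk.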