X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=e92a7a9fbc0d24c7727c87ad128f3d30342aa127;hb=2e9c1a60911fe46829ff7987cac81359861c5f96;hp=138035825e7dcf8b3eda2d942e1bb67972a6a94a;hpb=f47bff9d61788f7422f2d0295caec252f30b41d7;p=mirror%2Fdsa-puppet.git diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index 138035825..e92a7a9fb 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -6,7 +6,7 @@ class ferm::per-host { } case $hostname { - chopin,franck,gluck,kassia,klecker,lobos,morricone,ravel,ries,rietz,saens,schein,steffani,valente,villa,wieck,stabile: { + chopin,franck,gluck,kassia,klecker,lobos,morricone,ravel,ries,rietz,saens,schein,santoro,steffani,valente,villa,wieck,stabile: { include ferm::ftp } } @@ -25,6 +25,12 @@ class ferm::per-host { } } + abel,alwyn,rietz: { + @ferm::rule { "dsa-tftp": + description => "Allow tftp access", + rule => "&SERVICE(udp, 69)" + } + } paganini: { @ferm::rule { "dsa-dhcp": description => "Allow dhcp access", @@ -75,6 +81,13 @@ class ferm::per-host { rule => "&SERVICE(tcp, 11371)" } } + franck: { + @ferm::rule { "dak_replication": + domain => "(ip)", + description => "Allow dak pg replication", + rule => "&SERVICE_RANGE(tcp, 5433, 128.148.34.103/32)" + } + } liszt: { @ferm::rule { "smtp": domain => "(ip ip6)", @@ -198,7 +211,7 @@ class ferm::per-host { @ferm::rule { "dsa-nat-snapshot-varnish": table => 'nat', chain => 'PREROUTING', - rule => 'proto tcp daddr 193.62.202.28 dport 80 REDIRECT to-ports 6081', + rule => 'proto tcp daddr 193.62.202.30 dport 80 REDIRECT to-ports 6081', } } stabile: {