X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Frtc.pp;h=26a6e52fd6b94820b7fc642d4ff015c3fa7aaf02;hb=40ea2eb95b19f449abb6f60b04caccd8e4a7510b;hp=2a6adcd03eb21adc27a561e6e681f57187db9497;hpb=0ba93256399fbad7ed8fabfa39c24dd47169dde3;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/manifests/rtc.pp b/modules/roles/manifests/rtc.pp index 2a6adcd03..26a6e52fd 100644 --- a/modules/roles/manifests/rtc.pp +++ b/modules/roles/manifests/rtc.pp @@ -18,73 +18,73 @@ class roles::rtc { hostname => $::fqdn, } - @ferm::rule { 'dsa-xmpp-client-ip4': + ferm::rule { 'dsa-xmpp-client-ip4': domain => 'ip', description => 'XMPP connections (client to server)', rule => 'proto tcp dport (5222) ACCEPT' } - @ferm::rule { 'dsa-xmpp-client-ip6': + ferm::rule { 'dsa-xmpp-client-ip6': domain => 'ip6', description => 'XMPP connections (client to server)', rule => 'proto tcp dport (5222) ACCEPT' } - @ferm::rule { 'dsa-xmpp-server-ip4': + ferm::rule { 'dsa-xmpp-server-ip4': domain => 'ip', description => 'XMPP connections (server to server)', rule => 'proto tcp dport (5269) ACCEPT' } - @ferm::rule { 'dsa-xmpp-server-ip6': + ferm::rule { 'dsa-xmpp-server-ip6': domain => 'ip6', description => 'XMPP connections (server to server)', rule => 'proto tcp dport (5269) ACCEPT' } - @ferm::rule { 'dsa-sip-ws-ip4': + ferm::rule { 'dsa-sip-ws-ip4': domain => 'ip', description => 'SIP connections (WebSocket; for WebRTC)', rule => 'proto tcp dport (443) ACCEPT' } - @ferm::rule { 'dsa-sip-ws-ip6': + ferm::rule { 'dsa-sip-ws-ip6': domain => 'ip6', description => 'SIP connections (WebSocket; for WebRTC)', rule => 'proto tcp dport (443) ACCEPT' } - @ferm::rule { 'dsa-sip-tls-ip4': + ferm::rule { 'dsa-sip-tls-ip4': domain => 'ip', description => 'SIP connections (TLS)', rule => 'proto tcp dport (5061) ACCEPT' } - @ferm::rule { 'dsa-sip-tls-ip6': + ferm::rule { 'dsa-sip-tls-ip6': domain => 'ip6', description => 'SIP connections (TLS)', rule => 'proto tcp dport (5061) ACCEPT' } - @ferm::rule { 'dsa-turn-ip4': + ferm::rule { 'dsa-turn-ip4': domain => 'ip', description => 'TURN connections', rule => 'proto udp dport (3478) ACCEPT' } - @ferm::rule { 'dsa-turn-ip6': + ferm::rule { 'dsa-turn-ip6': domain => 'ip6', description => 'TURN connections', rule => 'proto udp dport (3478) ACCEPT' } - @ferm::rule { 'dsa-turn-tls-ip4': + ferm::rule { 'dsa-turn-tls-ip4': domain => 'ip', description => 'TURN connections (TLS)', rule => 'proto tcp dport (5349) ACCEPT' } - @ferm::rule { 'dsa-turn-tls-ip6': + ferm::rule { 'dsa-turn-tls-ip6': domain => 'ip6', description => 'TURN connections (TLS)', rule => 'proto tcp dport (5349) ACCEPT' } - @ferm::rule { 'dsa-rtp-ip4': + ferm::rule { 'dsa-rtp-ip4': domain => 'ip', description => 'RTP streams', rule => 'proto udp dport (49152:65535) ACCEPT' } - @ferm::rule { 'dsa-rtp-ip6': + ferm::rule { 'dsa-rtp-ip6': domain => 'ip6', description => 'RTP streams', rule => 'proto udp dport (49152:65535) ACCEPT'