X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fstunnel4%2Fmanifests%2Finit.pp;h=83fbd820c90979839aca4eea89783bfc196ed7c0;hb=bd7bcdd464b687541457670cb221f415faa33a29;hp=b26cdbc55f6691bf43caf804760c0a56c167ddb2;hpb=06d9cdbd524b8fcd7cbf915620678561fe10dff6;p=mirror%2Fdsa-puppet.git

diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp
index b26cdbc55..83fbd820c 100644
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -1,6 +1,12 @@
 class stunnel4 {
     define stunnel_generic($client, $verify, $cafile, $crlfile=false, $accept, $connect, $local=false) {
         file {
+            "/etc/stunnel":
+                ensure  => directory,
+                owner   => root,
+                group   => root,
+                mode    => 755,
+                ;
             "/etc/stunnel/puppet-${name}.conf":
                 content => template("stunnel4/stunnel.conf.erb"),
                 notify  => Exec['restart_stunnel'],
@@ -29,8 +35,12 @@ class stunnel4 {
         @ferm::rule {
             "stunnel-${name}":
                 description => "stunnel ${name}",
-                rule => "&TCP_UDP_SERVICE(${accept})",
-                domain => "(ip ip6)",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V4)",
+                ;
+            "stunnel-${name}-v6":
+                domain          => 'ip6',
+                description => "stunnel ${name}",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V6)",
                 ;
         }
     }