ferm::per-host: allow HKP to keyring.d.o from the kFreeBSDs

author Philipp Kern <pkern@debian.org>

Wed, 20 Jul 2011 22:10:18 +0000 (00:10 +0200)

committer Martin Zobel-Helas <zobel@debian.org>

Fri, 22 Jul 2011 08:01:59 +0000 (10:01 +0200)
author Philipp Kern <pkern@debian.org>
Wed, 20 Jul 2011 22:10:18 +0000 (00:10 +0200)
committer Martin Zobel-Helas <zobel@debian.org>
Fri, 22 Jul 2011 08:01:59 +0000 (10:01 +0200)
diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp

index aa20cbd..5fd19ce 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -150,6 +150,7 @@ class ferm::per-host {
                                  proto udp dport (53 123) ACCEPT;
                                  proto tcp dport 8140 daddr 82.195.75.104 ACCEPT; # puppethost
                                  proto tcp dport 5140 daddr (82.195.75.98 206.12.19.121) ACCEPT; # loghost
+                                proto tcp dport 11371 daddr 82.195.75.107 ACCEPT; # keyring host
                                  proto tcp dport (25 submission) daddr ($HOST_MAILRELAY_V4) ACCEPT
                                 '
          }
author	Philipp Kern <pkern@debian.org>
	Wed, 20 Jul 2011 22:10:18 +0000 (00:10 +0200)
committer	Martin Zobel-Helas <zobel@debian.org>
	Fri, 22 Jul 2011 08:01:59 +0000 (10:01 +0200)