add tcp port for remote syslog
authorMartin Zobel-Helas <zobel@debian.org>
Fri, 18 Jun 2010 16:25:27 +0000 (18:25 +0200)
committerMartin Zobel-Helas <zobel@debian.org>
Fri, 18 Jun 2010 16:25:27 +0000 (18:25 +0200)
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
manifests/site.pp

index 06e6cc4..59bcf74 100644 (file)
@@ -167,6 +167,17 @@ node default {
                    rule            => "source 172.22.127.147 interface bond0 jump ACCEPT",
           }
        }
+        heininen: {
+          @ferm::rule { "dsa-puppet":
+                   description     => "Allow syslog access",
+                   rule            => "&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V4)"
+          }
+          @ferm::rule { "dsa-puppet-v6":
+                   domain          => 'ip6',
+                   description     => "Allow syslog access",
+                   rule            => "&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V6)"
+          }
+        }
 
     }
     case $brokenhosts {