@ferm::rule { 'dsa-exim':
description => 'Allow SMTP',
- rule => '&SERVICE_RANGE(tcp, $mail_port, \$SMTP_SOURCES)'
+ rule => '&SERVICE_RANGE(tcp, $mail_port, $SMTP_SOURCES)'
}
@ferm::rule { 'dsa-exim-v6':
description => 'Allow SMTP',
domain => 'ip6',
- rule => '&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)'
+ rule => '&SERVICE_RANGE(tcp, $mail_port, $SMTP_V6_SOURCES)'
}
# Do we actually want this? I'm only doing it because it's harmless
@ferm::rule { 'dsa-exim-submission':
description => 'Allow SMTP',
- rule => '&SERVICE_RANGE(tcp, submission, \$SMTP_SOURCES)'
+ rule => '&SERVICE_RANGE(tcp, submission, $SMTP_SOURCES)'
}
@ferm::rule { 'dsa-exim-v6-submission':
description => 'Allow SMTP',
domain => 'ip6',
- rule => '&SERVICE_RANGE(tcp, submission, \$SMTP_V6_SOURCES)',
+ rule => '&SERVICE_RANGE(tcp, submission, $SMTP_V6_SOURCES)',
}
}
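Review bot: On the new `dsa-exim` and `dsa-exim-v6` rule lines, `$mail_port` sits inside a single-quoted Puppet string, so Puppet does not interpolate it and it reaches ferm literally, just like `$SMTP_SOURCES`. The old lines escaped only the source-list variables, which suggests `$mail_port` may have been meant as a Puppet variable. If so, the string needs double quotes with the ferm variable escaped, e.g. `rule => "&SERVICE_RANGE(tcp, ${mail_port}, \$SMTP_SOURCES)"`. If it really is a ferm definition, a short comment such as `# $mail_port and $SMTP_SOURCES are ferm variables, resolved by ferm, not Puppet` would make that explicit, and the generated config is worth a dry run with `ferm --noexec` before rollout. The enclosing block opens before the visible lines, so where `$mail_port` is defined cannot be confirmed from here.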
handel: {
@ferm::rule { 'dsa-puppet':
description => 'Allow puppet access',
- rule => '&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V4)'
+ rule => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V4)'
}
@ferm::rule { 'dsa-puppet-v6':
domain => 'ip6',
description => 'Allow puppet access',
- rule => '&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V6)'
+ rule => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V6)'
}
}
powell: {
heininen,lotti: {
@ferm::rule { 'dsa-syslog':
description => 'Allow syslog access',
- rule => '&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V4)'
+ rule => '&SERVICE_RANGE(tcp, 5140, $HOST_DEBIAN_V4)'
}
@ferm::rule { 'dsa-syslog-v6':
domain => 'ip6',
description => 'Allow syslog access',
- rule => '&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V6)'
+ rule => '&SERVICE_RANGE(tcp, 5140, $HOST_DEBIAN_V6)'
}
}
kaufmann: {
}
@ferm::rule { 'dsa-time':
description => 'Allow time access',
- rule => '&SERVICE_RANGE(tcp, time, \$HOST_NAGIOS_V4)'
+ rule => '&SERVICE_RANGE(tcp, time, $HOST_NAGIOS_V4)'
}
}
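Review bot: `dsa-time` is the only rule touched by this change that has no `ip6` twin, as it allows `time` only from `$HOST_NAGIOS_V4`. If the monitoring hosts can reach this machine over IPv6, the check would be dropped there. Consider adding a `dsa-time-v6` rule with `domain => 'ip6'` and `rule => '&SERVICE_RANGE(tcp, time, $HOST_NAGIOS_V6)'`. If the omission is deliberate, say so in a comment. The enclosing host case starts outside this hunk.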
@ferm::rule { 'dsa-munin-v4':
description => 'Allow munin from munin master',
- rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr (\$HOST_MUNIN_V4 \$HOST_NAGIOS_V4) ACCEPT; }',
+ rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V4 $HOST_NAGIOS_V4) ACCEPT; }',
notarule => true,
}
@ferm::rule { 'dsa-munin-v6':
description => 'Allow munin from munin master',
domain => 'ip6',
- rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr (\$HOST_MUNIN_V6 \$HOST_NAGIOS_V6) ACCEPT; }',
+ rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V6 $HOST_NAGIOS_V6) ACCEPT; }',
notarule => true,
}
}
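Review bot: The `saddr` lists in `dsa-munin-v4` and `dsa-munin-v6` accept both the munin and the nagios host sets, but the description still reads 'Allow munin from munin master'. Someone auditing the ruleset by description would miss that the nagios hosts can also reach the munin port. Suggest `description => 'Allow munin from munin master and nagios hosts'` on both rules. Because these are raw ferm fragments (`notarule => true`), a typo in a now-unescaped variable name would only show up when ferm parses the file, so it is worth checking the rendered output once.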
@ferm::rule { 'dsa-nagios-v4':
description => 'Allow nrpe from nagios master',
- rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr (\$HOST_NAGIOS_V4) ACCEPT; }',
+ rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V4) ACCEPT; }',
notarule => true,
}
@ferm::rule { 'dsa-nagios-v6':
description => 'Allow nrpe from nagios master',
domain => 'ip6',
- rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr (\$HOST_NAGIOS_V6) ACCEPT; }',
+ rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V6) ACCEPT; }',
notarule => true,
}
@ferm::rule { 'dsa-ssh':
description => 'Allow SSH from DSA',
- rule => '&SERVICE_RANGE(tcp, ssh, \$SSH_SOURCES)'
+ rule => '&SERVICE_RANGE(tcp, ssh, $SSH_SOURCES)'
}
@ferm::rule { 'dsa-ssh-v6':
description => 'Allow SSH from DSA',
domain => 'ip6',
- rule => '&SERVICE_RANGE(tcp, ssh, \$SSH_V6_SOURCES)'
+ rule => '&SERVICE_RANGE(tcp, ssh, $SSH_V6_SOURCES)'
}
file { '/etc/ssh/ssh_config':