convert ssh to new rule format

Signed-off-by: Stephen Gran <steve@lobefin.net>

diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp
index e2248f8..9d272a2 100644 (file)
--- a/modules/ssh/manifests/init.pp
+++ b/modules/ssh/manifests/init.pp
@@ -33,11 +33,11 @@ class ssh {
 
         @ferm::rule { "dsa-ssh":
                 description     => "Allow SSH from DSA",
-                rule            => "proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_SOURCES) ACCEPT; }"
+                rule            => "&SERVICE_RANGE(tcp, ssh, \$SSH_SOURCES)"
         }
         @ferm::rule { "dsa-ssh-v6":
                 description     => "Allow SSH from DSA",
                 domain          => "ip6",
-                rule            => "proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_V6_SOURCES) ACCEPT; }"
+                rule            => "&SERVICE_RANGE(tcp, ssh, \$SSH_V6_SOURCES)"
         }
 }