add hkp for kaufmann

author Martin Zobel-Helas <zobel@debian.org>

Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)

committer Martin Zobel-Helas <zobel@debian.org>

Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)
author Martin Zobel-Helas <zobel@debian.org>
Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)
committer Martin Zobel-Helas <zobel@debian.org>
Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)
diff --git a/manifests/site.pp b/manifests/site.pp

index 820bb08..49fc853 100644 (file)
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -168,7 +168,7 @@ node default {
                     rule            => "source 172.22.127.147 interface bond0 jump ACCEPT",
            }
         }
-        heininen: {
+       heininen: {
            @ferm::rule { "dsa-syslog":
                     description     => "Allow syslog access",
                     rule            => "&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V4)"
@@ -179,7 +179,13 @@ node default {
                     rule            => "&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V6)"
            }
          }
-
+       kaufmann: {
+           @ferm::rule { "dsa-hkp":
+                   domain          => "(ip ip6)",
+                   description     => "Allow ftp access",
+                   rule            => "&SERVICE(tcp, 11371)"
+           }
+       }
      }
      case $brokenhosts {
          "true":    { include hosts }
author	Martin Zobel-Helas <zobel@debian.org>
	Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)
committer	Martin Zobel-Helas <zobel@debian.org>
	Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)