stop including ferm for now

Signed-off-by: Stephen Gran <steve@lobefin.net>

diff --git a/manifests/site.pp b/manifests/site.pp
index b108579..2bc7939 100644 (file)
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -84,7 +84,4 @@ node default {
     case $hoster {
         "ubcece", "darmstadt", "ftcollins", "grnet":  { include resolv }
     }
-    case $hostname {
-       brahms: { include ferm }
-    }
 }

diff --git a/modules/munin-node/manifests/init.pp b/modules/munin-node/manifests/init.pp
index 79eaa62..29bef07 100644 (file)
--- a/modules/munin-node/manifests/init.pp
+++ b/modules/munin-node/manifests/init.pp
@@ -75,10 +75,5 @@ class munin-node {
         path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
         refreshonly => true,
     }
-    ferm::rule { "dsa-munin":
-        description     => "Allow munin-node from spohr.debian.org",
-        rule            => 'proto tcp dport 4949 saddr $HOST_MUNIN ACCEPT',
-       prio            => "02"
-   }
 }
 

diff --git a/modules/nagios/manifests/init.pp b/modules/nagios/manifests/init.pp
index 70e0865..13c0dc9 100644 (file)
--- a/modules/nagios/manifests/init.pp
+++ b/modules/nagios/manifests/init.pp
@@ -2,9 +2,4 @@ class nagios {
        package {
                nagios-nrpe-server: ensure => installed;
        }
-       ferm::rule { "dsa-nagios":
-               description     => "Allow nrpe from spohr.debian.org",
-               rule            => 'proto tcp dport 5666 saddr $HOST_NAGIOS ACCEPT',
-               prio            => "03"
-       }
 }

diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp
index b3e32e3..9b25383 100644 (file)
--- a/modules/ssh/manifests/init.pp
+++ b/modules/ssh/manifests/init.pp
@@ -37,11 +37,5 @@ class ssh {
             path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
             refreshonly => true,
         }
-        ferm::rule { "dsa-ssh":
-               description     => "Allow SSH",
-               rule            => "proto tcp dport ssh ACCEPT",
-               domain          => "(ip ip6)",
-               prio            => "01"
-        }
 
 }