add more casulana rules for br1

author Luca Filipozzi <lfilipoz@emyr.net>

Wed, 18 Oct 2017 17:59:54 +0000 (17:59 +0000)

committer Luca Filipozzi <lfilipoz@emyr.net>

Wed, 18 Oct 2017 18:00:48 +0000 (18:00 +0000)
author Luca Filipozzi <lfilipoz@emyr.net>
Wed, 18 Oct 2017 17:59:54 +0000 (17:59 +0000)
committer Luca Filipozzi <lfilipoz@emyr.net>
Wed, 18 Oct 2017 18:00:48 +0000 (18:00 +0000)
diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp

index 2afa570..d599c14 100644 (file)
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -9,8 +9,14 @@ class ferm::per_host {
  
         case $::hostname {
                 casulana: {
-                       @ferm::rule { 'dsa-cloud-builds-nat':
-                               description     => 'masquerade br1 virtual machines',
+                       @ferm::rule { 'dsa-cloud-builds-br1-in':
+                               description     => 'br1 virtual machines - in',
+                               table           => 'filter',
+                               chain           => 'INPUT',
+                               rule            => 'interface br1 ACCEPT'
+                       }
+                       @ferm::rule { 'dsa-cloud-builds-br1-nat':
+                               description     => 'br1 virtual machines - nat',
                                 table           => 'nat',
                                 chain           => 'POSTROUTING',
                                 rule            => 'saddr 172.16.1.0/24 outerface bond0.21 MASQUERADE'
author	Luca Filipozzi <lfilipoz@emyr.net>
	Wed, 18 Oct 2017 17:59:54 +0000 (17:59 +0000)
committer	Luca Filipozzi <lfilipoz@emyr.net>
	Wed, 18 Oct 2017 18:00:48 +0000 (18:00 +0000)