projects / mirror / dsa-puppet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 486e1dc)
allow conntrackd on vlan2
authorMartin Zobel-Helas <zobel@debian.org>
Fri, 12 Apr 2013 14:45:10 +0000 (16:45 +0200)
committerMartin Zobel-Helas <zobel@debian.org>
Fri, 12 Apr 2013 14:45:10 +0000 (16:45 +0200)
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
modules/ferm/manifests/per-host.pp patch | blob | history

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 953ea65..051fab7 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -301,6 +301,9 @@ REJECT reject-with icmp-admin-prohibited
                        @ferm::rule { 'dsa-vrrp':
                                rule            => 'proto vrrp daddr 224.0.0.18 jump ACCEPT',
                        }
+                       @ferm::rule { 'dsa-conntrackd':
+                               rule            => 'interface vlan2 daddr 225.0.0.50 jump ACCEPT',
+                       }
                }
                default: {}
        }
Unnamed repository; edit this file 'description' to name the repository.