From: Stephen Gran <steve@lobefin.net>
Date: Sat, 6 Mar 2010 12:21:17 +0000 (+0000)
Subject: convert ssh to new rule format
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=2b2591daf75e4430788da7055de3b25c7e3df5f3;p=mirror%2Fdsa-puppet.git

convert ssh to new rule format

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp
index e2248f847..9d272a224 100644
--- a/modules/ssh/manifests/init.pp
+++ b/modules/ssh/manifests/init.pp
@@ -33,11 +33,11 @@ class ssh {
 
         @ferm::rule { "dsa-ssh":
                 description     => "Allow SSH from DSA",
-                rule            => "proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_SOURCES) ACCEPT; }"
+                rule            => "&SERVICE_RANGE(tcp, ssh, \$SSH_SOURCES)"
         }
         @ferm::rule { "dsa-ssh-v6":
                 description     => "Allow SSH from DSA",
                 domain          => "ip6",
-                rule            => "proto tcp mod state state (NEW) dport (ssh) @subchain 'ssh' { saddr (\$SSH_V6_SOURCES) ACCEPT; }"
+                rule            => "&SERVICE_RANGE(tcp, ssh, \$SSH_V6_SOURCES)"
         }
 }