From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 23 Sep 2019 16:56:43 +0000 (+0200)
Subject: merge ipv4 and ipv6 rules to bacula-sd
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=93adaa925209eb347451bf8faf2799c2f59ed968;p=mirror%2Fdsa-puppet.git

merge ipv4 and ipv6 rules to bacula-sd
---

diff --git a/modules/bacula/manifests/storage.pp b/modules/bacula/manifests/storage.pp
index 3d60de9e7..63de0de3e 100644
--- a/modules/bacula/manifests/storage.pp
+++ b/modules/bacula/manifests/storage.pp
@@ -44,17 +44,10 @@ class bacula::storage inherits bacula {
     notify  => Exec['bacula-sd restart-when-idle']
   }
 
-  ferm::rule { 'dsa-bacula-sd-v4':
-    domain      => '(ip)',
-    description => 'Allow bacula-sd access from director and clients',
-    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN_V4 5.153.231.125 5.153.231.126) ACCEPT; }',
-    notarule    => true,
-  }
-
-  ferm::rule { 'dsa-bacula-sd-v6':
-    domain      => '(ip6)',
-    description => 'Allow bacula-sd access from director and clients',
-    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN_V6) ACCEPT; }',
+  ferm::rule { 'dsa-bacula-sd':
+    domain      => '(ip ip6)',
+    description => 'Allow bacula-sd access from director and clients (i.e. all of Debian)',
+    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN 5.153.231.125 5.153.231.126) ACCEPT; }',
     notarule    => true,
   }