From 5798c1ac4a2c2bd8737087b515d0eb4869482576 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Mon, 30 Sep 2019 08:17:35 +0200 Subject: [PATCH] Move draghi finger/ldap/ldaps fw into dbmaster role --- modules/ferm/manifests/per_host.pp | 17 ----------------- modules/roles/manifests/dbmaster.pp | 7 +++++++ 2 files changed, 7 insertions(+), 17 deletions(-) diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp index 7668641b8..970ff2b91 100644 --- a/modules/ferm/manifests/per_host.pp +++ b/modules/ferm/manifests/per_host.pp @@ -10,23 +10,6 @@ class ferm::per_host { rule => '&SERVICE_RANGE(tcp, 3493, ( 82.195.75.64/26 192.168.43.0/24 ))' } } - draghi: { - ferm::rule { 'dsa-finger': - domain => '(ip ip6)', - description => 'Allow finger access', - rule => '&SERVICE(tcp, 79)' - } - ferm::rule { 'dsa-ldap': - domain => '(ip ip6)', - description => 'Allow ldap access', - rule => '&SERVICE(tcp, 389)' - } - ferm::rule { 'dsa-ldaps': - domain => '(ip ip6)', - description => 'Allow ldaps access', - rule => '&SERVICE(tcp, 636)' - } - } default: {} } diff --git a/modules/roles/manifests/dbmaster.pp b/modules/roles/manifests/dbmaster.pp index 1a0fa9edc..e78167a75 100644 --- a/modules/roles/manifests/dbmaster.pp +++ b/modules/roles/manifests/dbmaster.pp @@ -53,4 +53,11 @@ class roles::dbmaster { mail_user => 'mail_db', mail_group => 'nogroup', } + + ferm::rule::simple { 'finger': + port => 'finger', + } + ferm::rule::simple { 'ldap': + port => ['ldap', 'ldaps'], + } } -- 2.20.1