From 02468c9711c0cf6297d6057f9ba5ed78af11be83 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 23 Aug 2014 11:47:44 +0200
Subject: [PATCH] Allow bt ports between static hosts

---
 modules/roles/manifests/static_base.pp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/modules/roles/manifests/static_base.pp b/modules/roles/manifests/static_base.pp
index 6d4c33dd2..ed1f55f25 100644
--- a/modules/roles/manifests/static_base.pp
+++ b/modules/roles/manifests/static_base.pp
@@ -20,4 +20,16 @@ class roles::static_base {
 	}
 	file { '/usr/local/bin/static-mirror-ssh-wrap': ensure => absent; }
 	file { '/usr/local/bin/static-master-ssh-wrap': ensure => absent; }
+
+	@ferm::rule { 'dsa-static-bt-v4':
+		description => 'Allow bt between static hosts',
+		rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881-6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V4) ACCEPT; }',
+		notarule    => true,
+	}
+	@ferm::rule { 'dsa-static-bt-v6':
+		description => 'Allow bt between static hosts',
+		domain      => 'ip6',
+		rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881-6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V6) ACCEPT; }',
+		notarule    => true,
+	}
 }
-- 
2.20.1