From 15cdae0dd4fa8519685f9ce3aa4dc778270b2252 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Thu, 9 Sep 2010 17:46:07 +0200
Subject: [PATCH] Use service names instead of port numbers

---
 modules/ferm/manifests/per-host.pp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 575b2019d..f4abeb198 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -132,7 +132,7 @@ class ferm::per-host {
             @ferm::rule { "dsa-krb-kdc":
                 domain          => "(ip ip6)",
                 description  => "kerberos KDC",
-                rule         => "&SERVICE(tcp, 88)"
+                rule         => "&SERVICE(tcp, kerberos)"
             }
         }
     }
@@ -141,17 +141,17 @@ class ferm::per-host {
             @ferm::rule { "dsa-krb-ipropd":
                 domain       => "ip",
                 description  => "kerberos ipropd",
-                rule         => "&SERVICE_RANGE(tcp, 2121, 206.12.19.119)",
+                rule         => "&SERVICE_RANGE(tcp, iprop, 206.12.19.119)",
             }
             @ferm::rule { "dsa-krb-ipropd-v6":
                 domain       => 'ip6',
                 description  => "kerberos ipropd (IPv6)",
-                rule         => "&SERVICE_RANGE(tcp, 2121, 2607:f8f0:610:4000:216:36ff:fe40:380a)",
+                rule         => "&SERVICE_RANGE(tcp, iprop, 2607:f8f0:610:4000:216:36ff:fe40:380a)",
             }
             @ferm::rule { "dsa-krb-kpasswdd":
                 domain          => "(ip ip6)",
                 description  => "kerberos KDC",
-                rule         => "&SERVICE(udp, 464)",
+                rule         => "&SERVICE(udp, kpasswd)",
             }
         }
     }
-- 
2.20.1