From 535c22cc944d9da2a569dd883780c133db7dae21 Mon Sep 17 00:00:00 2001
From: Stephen Gran <steve@lobefin.net>
Date: Sun, 7 Mar 2010 23:28:25 +0000
Subject: [PATCH] handel gets a firewall

Signed-off-by: Stephen Gran <steve@lobefin.net>
---
 manifests/site.pp | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/manifests/site.pp b/manifests/site.pp
index 7a8565dbd..7219eca2a 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -91,7 +91,7 @@ node default {
     }
 
     case $hostname {
-        logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball: { include ferm }
+        logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball,handel: { include ferm }
     }
     case $hostname {
         piatti: {
@@ -125,6 +125,16 @@ node default {
 		    rule            => "&SERVICE_RANGE(tcp, time, \$HOST_NAGIOS_V4)"
 	   }
         }
+        handel: {
+	   @ferm::rule { "dsa-puppet":
+		    description     => "Allow puppet access",
+		    rule            => "&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V4)"
+	   }
+	   @ferm::rule { "dsa-puppet-v6":
+		    description     => "Allow puppet access",
+		    rule            => "&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V6)"
+	   }
+        }
 
     }
     case $brokenhosts {
-- 
2.20.1