From 821b298ba9b07aeac308e1279e798a9fe8e9aa26 Mon Sep 17 00:00:00 2001
From: Stephen Gran <steve@lobefin.net>
Date: Wed, 8 Jan 2014 20:00:43 +0000
Subject: [PATCH] change to rules by ip

Signed-off-by: Stephen Gran <steve@lobefin.net>
---
 modules/roles/manifests/pubsub.pp | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/modules/roles/manifests/pubsub.pp b/modules/roles/manifests/pubsub.pp
index 2f02be0d3..100850fa2 100644
--- a/modules/roles/manifests/pubsub.pp
+++ b/modules/roles/manifests/pubsub.pp
@@ -57,16 +57,23 @@ class roles::pubsub {
 	}
 
 	if $::hostname == $cc_master {
-		$you = $cc_secondary
+		$you  = '5.153.231.15'
+		$you6 = '2001:41c8:1000:21::21:15'
 	} else {
-		$you = $cc_master
+		$you  = '5.153.231.16'
+		$you6 = '2001:41c8:1000:21::21:16'
 	}
 
 	@ferm::rule { 'rabbitmq_cluster':
-		domain      => '(ip ip6)',
+		domain      => 'ip',
 		description => 'rabbitmq cluster connections',
 		rule        => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
 	}
+	@ferm::rule { 'rabbitmq_cluster':
+		domain      => 'ip6',
+		description => 'rabbitmq cluster connections',
+		rule        => "proto tcp mod state state (NEW) saddr (${you6}) ACCEPT"
+	}
 	@ferm::rule { 'rabbitmq_mgmt':
 		description => 'rabbitmq cluster connections',
 		rule        => '&SERVICE_RANGE(tcp, 15672, $DSA_IPS)'
-- 
2.20.1