From 93adaa925209eb347451bf8faf2799c2f59ed968 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Mon, 23 Sep 2019 18:56:43 +0200 Subject: [PATCH] merge ipv4 and ipv6 rules to bacula-sd --- modules/bacula/manifests/storage.pp | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/modules/bacula/manifests/storage.pp b/modules/bacula/manifests/storage.pp index 3d60de9e7..63de0de3e 100644 --- a/modules/bacula/manifests/storage.pp +++ b/modules/bacula/manifests/storage.pp @@ -44,17 +44,10 @@ class bacula::storage inherits bacula { notify => Exec['bacula-sd restart-when-idle'] } - ferm::rule { 'dsa-bacula-sd-v4': - domain => '(ip)', - description => 'Allow bacula-sd access from director and clients', - rule => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN_V4 5.153.231.125 5.153.231.126) ACCEPT; }', - notarule => true, - } - - ferm::rule { 'dsa-bacula-sd-v6': - domain => '(ip6)', - description => 'Allow bacula-sd access from director and clients', - rule => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN_V6) ACCEPT; }', + ferm::rule { 'dsa-bacula-sd': + domain => '(ip ip6)', + description => 'Allow bacula-sd access from director and clients (i.e. all of Debian)', + rule => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN 5.153.231.125 5.153.231.126) ACCEPT; }', notarule => true, } -- 2.20.1