From b9cee5758f429c8be1d03ea935c4336c91df75b5 Mon Sep 17 00:00:00 2001
From: Luca Filipozzi <lfilipoz@emyr.net>
Date: Sat, 3 Sep 2016 22:03:29 +0000
Subject: [PATCH 1/1] add rule to allow access from manlan

---
 modules/ferm/manifests/per-host.pp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 87aa56c87..c5429a2e5 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -503,6 +503,12 @@ REJECT reject-with icmp-admin-prohibited
 				rule            => 'outerface !tun+ mod mark mark 1 MASQUERADE',
 			}
 		}
+		ubc-enc2bl1: {
+			@ferm::rule { 'dsa-luca-fixme':
+				description     => 'Allow ssh access from manlan',
+				rule            => '&SERVICE_RANGE(tcp, 22, ( 172.29.40.0/22 172.29.203.0/24 ))',
+			}
+		}
 		default: {}
 	}
 	# tftp
-- 
2.20.1