From d09ef3eec8595490bca4d2e176aec9772dbfb581 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Thu, 9 Sep 2010 17:43:20 +0200
Subject: [PATCH] Try to add byrd/schuetz special ports

---
 modules/ferm/manifests/per-host.pp | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 379161fa1..575b2019d 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -127,6 +127,35 @@ class ferm::per-host {
         }
     }
 
+    case $hostname {
+        byrd,schuetz: {
+            @ferm::rule { "dsa-krb-kdc":
+                domain          => "(ip ip6)",
+                description  => "kerberos KDC",
+                rule         => "&SERVICE(tcp, 88)"
+            }
+        }
+    }
+    case $hostname {
+        byrd: {
+            @ferm::rule { "dsa-krb-ipropd":
+                domain       => "ip",
+                description  => "kerberos ipropd",
+                rule         => "&SERVICE_RANGE(tcp, 2121, 206.12.19.119)",
+            }
+            @ferm::rule { "dsa-krb-ipropd-v6":
+                domain       => 'ip6',
+                description  => "kerberos ipropd (IPv6)",
+                rule         => "&SERVICE_RANGE(tcp, 2121, 2607:f8f0:610:4000:216:36ff:fe40:380a)",
+            }
+            @ferm::rule { "dsa-krb-kpasswdd":
+                domain          => "(ip ip6)",
+                description  => "kerberos KDC",
+                rule         => "&SERVICE(udp, 464)",
+            }
+        }
+    }
+
     case $hostname { rautavaara,luchesi: {
         @ferm::rule { "dsa-to-kfreebsd":
             description     => "Traffic routed to kfreebsd hosts",
-- 
2.20.1