From d49be3517efb578b3bdd6d8226e4d0cc4a116eea Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 3 Aug 2018 09:56:57 +0200
Subject: [PATCH] allow ipv6 connections to all clients from the bacula
 director

---
 modules/bacula/manifests/client.pp | 12 +++---------
 modules/bacula/manifests/init.pp   |  2 +-
 2 files changed, 4 insertions(+), 10 deletions(-)

diff --git a/modules/bacula/manifests/client.pp b/modules/bacula/manifests/client.pp
index 580115d6d..8c33181b2 100644
--- a/modules/bacula/manifests/client.pp
+++ b/modules/bacula/manifests/client.pp
@@ -79,15 +79,9 @@ class bacula::client inherits bacula {
 		}
 	}
 
-	@ferm::rule { 'dsa-bacula-fd-v4':
-		domain      => '(ip)',
+	@ferm::rule { 'dsa-bacula-fd':
+		domain      => '(ip ip6)',
 		description => 'Allow bacula access from storage and director',
-		rule        => "proto tcp mod state state (NEW) dport (${bacula_client_port}) saddr (${bacula_director_ip}) ACCEPT",
+		rule        => "proto tcp mod state state (NEW) dport (${bacula_client_port}) saddr (${bacula_director_ip_addrs}) ACCEPT",
 	}
-
-	#@ferm::rule { 'dsa-bacula-fd-v6':
-	#	domain      => '(ip6)',
-	#	description => 'Allow bacula access from storage and director',
-	#	rule        => "proto tcp mod state state (NEW) dport (bacula-fd) saddr (${bacula_director_ip6}) ACCEPT",
-	#}
 }
diff --git a/modules/bacula/manifests/init.pp b/modules/bacula/manifests/init.pp
index aa0c9de54..fddbf7851 100644
--- a/modules/bacula/manifests/init.pp
+++ b/modules/bacula/manifests/init.pp
@@ -11,7 +11,7 @@ class bacula {
 	$bacula_pool_name         = 'debian'
 
 	# use IP address for ferm.
-	$bacula_director_ip       = '5.153.231.19'
+	$bacula_director_ip_addrs = '5.153.231.19 2001:41c8:1000:21::21:19'
 	$bacula_director_address  = 'dinis.debian.org'
 	$bacula_director_port     = 9101
 	$bacula_storage_address   = 'storace.debian.org'
-- 
2.20.1