kerberos kadmind access from draghi

author Peter Palfrader <peter@palfrader.org>

Fri, 10 Sep 2010 11:15:56 +0000 (13:15 +0200)

committer Peter Palfrader <peter@palfrader.org>

Fri, 10 Sep 2010 11:15:56 +0000 (13:15 +0200)
author Peter Palfrader <peter@palfrader.org>
Fri, 10 Sep 2010 11:15:56 +0000 (13:15 +0200)
committer Peter Palfrader <peter@palfrader.org>
Fri, 10 Sep 2010 11:15:56 +0000 (13:15 +0200)
diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp

index 193d701..c7e6479 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -153,6 +153,16 @@ class ferm::per-host {
                  description  => "kerberos KDC",
                  rule         => "&SERVICE(udp, kpasswd)",
              }
+            @ferm::rule { "dsa-krb-kadmind":
+                domain          => "(ip ip6)",
+                description  => "kerberos kadmind access from draghi",
+                rule         => "&SERVICE_RANGE(tcp, kerberos-adm, 82.195.75.106)",
+            }
+            @ferm::rule { "dsa-krb-kadmind-v6":
+                domain          => "(ip ip6)",
+                description  => "kerberos kadmind access from draghi",
+                rule         => "&SERVICE_RANGE(tcp, kerberos-adm, 2001:41b8:202:deb:216:36ff:fe40:3906)",
+            }
          }
      }
author	Peter Palfrader <peter@palfrader.org>
	Fri, 10 Sep 2010 11:15:56 +0000 (13:15 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 10 Sep 2010 11:15:56 +0000 (13:15 +0200)