projects / mirror / dsa-puppet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1bfc704)
add rule to allow access from manlan
authorLuca Filipozzi <lfilipoz@emyr.net>
Sat, 3 Sep 2016 22:03:29 +0000 (22:03 +0000)
committerLuca Filipozzi <lfilipoz@emyr.net>
Sat, 3 Sep 2016 22:03:29 +0000 (22:03 +0000)
modules/ferm/manifests/per-host.pp patch | blob | history

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 87aa56c..c5429a2 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -503,6 +503,12 @@ REJECT reject-with icmp-admin-prohibited
                                rule            => 'outerface !tun+ mod mark mark 1 MASQUERADE',
                        }
                }
+               ubc-enc2bl1: {
+                       @ferm::rule { 'dsa-luca-fixme':
+                               description     => 'Allow ssh access from manlan',
+                               rule            => '&SERVICE_RANGE(tcp, 22, ( 172.29.40.0/22 172.29.203.0/24 ))',
+                       }
+               }
                default: {}
        }
        # tftp
Unnamed repository; edit this file 'description' to name the repository.