}
case $hostname {
- logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball: { include ferm }
+ logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball,handel,tchaikovsky: { include ferm }
}
case $hostname {
+ zandonai,zelenka: {
+ @ferm::rule { "dsa-zivit-rrdcollect":
+ description => "port 6666 for rrdcollect for zivit",
+ rule => "&SERVICE_RANGE(tcp, 6666, ( 10.130.18.71 ))"
+ }
+ @ferm::rule { "dsa-zivit-zabbix":
+ description => "port 10050 for zabbix for zivit",
+ rule => "&SERVICE_RANGE(tcp, 10050, ( 10.130.18.76 ))"
+ }
+ }
piatti: {
@ferm::rule { "dsa-udd-stunnel":
description => "port 8080 for udd stunnel",
rule => "&SERVICE(tcp, 873)"
}
}
+ ancina,zelenka: {
+ @ferm::rule { "dsa-time":
+ description => "Allow time access",
+ rule => "&SERVICE_RANGE(tcp, time, \$HOST_NAGIOS_V4)"
+ }
+ }
+ handel: {
+ @ferm::rule { "dsa-puppet":
+ description => "Allow puppet access",
+ rule => "&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V4)"
+ }
+ @ferm::rule { "dsa-puppet-v6":
+ domain => 'ip6',
+ description => "Allow puppet access",
+ rule => "&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V6)"
+ }
+ }
}
case $brokenhosts {
projects / dsa-puppet.git / blobdiff