class ferm {
- define rule($domain="ip", $chain="INPUT", $rule, $description="", $prio="00") {
+ define rule($domain="ip", $table="filter", $chain="INPUT", $rule, $description="", $prio="00") {
file {
"/etc/ferm/dsa.d/${prio}_${name}":
ensure => present,
ulogd: ensure => installed;
}
- file {
+ file {
"/etc/ferm/dsa.d":
ensure => directory,
purge => true,
recurse => true,
source => "puppet:///files/empty/",
require => Package["ferm"];
+ "/etc/ferm":
+ ensure => directory,
+ mode => 0755;
"/etc/ferm/conf.d":
ensure => directory,
require => Package["ferm"];
"/etc/default/ferm":
- source => "puppet:///ferm/ferm.default",
+ source => "puppet:///modules/ferm/ferm.default",
require => Package["ferm"],
notify => Exec["ferm restart"];
"/etc/ferm/ferm.conf":
- source => "puppet:///ferm/ferm.conf",
+ source => "puppet:///modules/ferm/ferm.conf",
require => Package["ferm"],
mode => 0400,
notify => Exec["ferm restart"];
require => Package["ferm"],
mode => 0400,
notify => Exec["ferm restart"];
+ "/etc/logrotate.d/ulogd":
+ source => "puppet:///modules/ferm/logrotate-ulogd",
+ require => Package["logrotate"],
+ ;
}
$munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
$munin_ips: script => "ip_";
}
+ case extractnodeinfo($nodeinfo, 'buildd') {
+ 'true': {
+ file {
+ "/etc/ferm/conf.d/load_ftp_conntrack.conf":
+ source => "puppet:///modules/ferm/conntrack_ftp.conf",
+ require => Package["ferm"],
+ notify => Exec["ferm restart"];
+ }
+ }
+ }
+
case $v6ips {
'no': {}
default: {
projects / dsa-puppet.git / blobdiff