}
@def &SERVICE_RANGE($proto, $port, $srange) = {
- proto $proto mod state state (NEW) dport $port @subchain $port { saddr ($srange) ACCEPT; }"
+ proto $proto mod state state (NEW) dport $port @subchain "$port" { saddr ($srange) ACCEPT; }"
}
@def &TCP_UDP_SERVICE($port) = {
mailrelay = []
localinfo.keys.sort.each do |node|
if localinfo[node]['mailrelay']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /:/
mailrelay << ip
end
mailrelay = []
localinfo.keys.sort.each do |node|
if localinfo[node]['mailrelay']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /\./
mailrelay << ip
end
@def $HOST_NAGIOS_V4 = (<%=
nagii = []
localinfo.keys.sort.each do |node|
- if localinfo[node]['nagiosmaster']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ if localinfo[node]['nagiosmaster'] or localinfo[node]['extranrpeclient']
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /:/
nagii << ip
end
@def $HOST_NAGIOS_V6 = (<%=
nagii = []
localinfo.keys.sort.each do |node|
- if localinfo[node]['nagiosmaster']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ if localinfo[node]['nagiosmaster'] or localinfo[node]['extranrpeclient']
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /\./
nagii << ip
end
munins = []
localinfo.keys.sort.each do |node|
if localinfo[node]['muninmaster']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /:/
munins << ip
end
munins = []
localinfo.keys.sort.each do |node|
if localinfo[node]['muninmaster']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /\./
munins << ip
end
dbs = []
localinfo.keys.sort.each do |node|
if localinfo[node]['dbmaster']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /\./
dbs << ip
end
dbs = []
localinfo.keys.sort.each do |node|
if localinfo[node]['dbmaster']
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /:/
dbs << ip
end
@def $HOST_DEBIAN_V4 = (<%=
dbs = []
keyinfo.keys.sort.each do |node|
- next unless keyinfo[node][0].has_key?('ipHostNumber')
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ next unless keyinfo[node].has_key?('ipHostNumber')
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /:/
dbs << ip
end
@def $HOST_DEBIAN_V6 = (<%=
dbs = []
keyinfo.keys.sort.each do |node|
- next unless keyinfo[node][0].has_key?('ipHostNumber')
- keyinfo[node][0]['ipHostNumber'].each do |ip|
+ next unless keyinfo[node].has_key?('ipHostNumber')
+ keyinfo[node]['ipHostNumber'].each do |ip|
next if ip =~ /\./
dbs << ip
end
@def $DSA_IPS = ($sgran $weasel $zobel $luca);
@def $sgran6 = (2001:4b10:100b::/48);
+@def $sgran6 = ($sgran6 2001:4b10:0000:810b::/64);
@def $weasel6 = ();
@def $weasel6 = ($weasel6 2001:826:408:200::/56); # came
@def $weasel6 = ($weasel6 2001:858:10f::/48); # anguilla
@def $zobel6 = ($zobel6 2001:6f8:1215::/48); # baldur
@def $zobel6 = ($zobel6 2001:6f8:928::/48); # WS2
@def $zobel6 = ($zobel6 2a01:198:549::/48); # WGS20
+@def $zobel6 = ($zobel6 2a01:198:6b2::/48); # AdS20
@def $luca6 = ();
@def $DSA_V6_IPS = ($sgran6 $weasel6 $zobel6 $luca6);
+
+@def $USER_kibi = ();
+@def $USER_kibi = ($USER_kibi 90.80.97.98); # gruyere.kerlabs.com
+@def $USER_kibi = ($USER_kibi 88.164.242.219); # home.ikibiki.org
+@def $USER_kibi = ($USER_kibi 82.244.158.68); # @parents'
+@def $USER_aurel32 = ();
+@def $USER_aurel32 = ($USER_aurel32 88.191.126.93); # hall.aurel32.net
+@def $USER_aurel32 = ($USER_aurel32 82.232.2.251); # farad.aurel32.net
+@def $FREEBSD_SSH_ACCESS = ();
+@def $FREEBSD_SSH_ACCESS = ($FREEBSD_SSH_ACCESS $DSA_IPS $USER_kibi $USER_aurel32);
+@def $FREEBSD_SSH_ACCESS = ($FREEBSD_SSH_ACCESS 194.177.211.200); # grieg
projects / dsa-puppet.git / blobdiff