]> git.donarmstrong.com Git - dsa-puppet.git/blobdiff - modules/ferm/templates/defs.conf.erb
projects / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Try allowing port 53 through firewalls for recursors
[dsa-puppet.git] / modules / ferm / templates / defs.conf.erb
diff --git a/modules/ferm/templates/defs.conf.erb b/modules/ferm/templates/defs.conf.erb
index ae637fe048a24751dea825a0569e44c738010ac6..cb2014c8499ff1da5e1e105b7e276d670aa658bf 100644 (file)
--- a/modules/ferm/templates/defs.conf.erb
+++ b/modules/ferm/templates/defs.conf.erb
@@ -15,6 +15,10 @@
  proto (tcp udp) mod state state (NEW) dport $port ACCEPT;
 }
 
+@def &TCP_UDP_SERVICE_RANGE($port, $srange) = {
+ proto (tcp udp) mod state state (NEW) dport $port @subchain "$port" { saddr ($srange) ACCEPT; }"
+}
+
 @def $HOST_MAILRELAY_V4 = (<%=
   mailrelay = []
   localinfo.keys.sort.each do |node|
Unnamed repository; edit this file 'description' to name the repository.