X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=6f8b41860120b2259df03c253b7204fe5b1729c5;hb=d56ca7cb70039b036d91f93cfb33cb1fb7743e82;hp=a398de4671e4e582549a582cf99314b496b354db;hpb=25f5bb4310769f6aa23b7be65bb4ac294a78066b;p=dsa-puppet.git diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index a398de46..6f8b4186 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -38,16 +38,6 @@ class ferm::per-host { rule => '&SERVICE(udp, 69)' } } - #paganini: { - # @ferm::rule { 'dsa-dhcp': - # description => 'Allow dhcp access', - # rule => '&SERVICE(udp, 67)' - # } - # @ferm::rule { 'dsa-tftp': - # description => 'Allow tftp access', - # rule => '&SERVICE(udp, 69)' - # } - #} lotti,lully: { @ferm::rule { 'dsa-syslog': description => 'Allow syslog access', @@ -233,6 +223,16 @@ class ferm::per-host { description => 'Allow postgress access', rule => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:10/128 ))' } + + @ferm::rule { 'dsa-postgres-backup': + description => 'Allow postgress access', + rule => '&SERVICE_RANGE(tcp, 5433, ( 5.153.231.12/32 ))' + } + @ferm::rule { 'dsa-postgres-backup6': + domain => 'ip6', + description => 'Allow postgress access', + rule => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:12/128 ))' + } } bmdb1: { @ferm::rule { 'dsa-postgres-main': @@ -331,6 +331,17 @@ class ferm::per-host { rule => '&SERVICE_RANGE(tcp, 5432, ( 2001:41c8:1000:21::21:12/128 ))' } } + sibelius: { + @ferm::rule { 'dsa-postgres-backup': + description => 'Allow postgress access', + rule => '&SERVICE_RANGE(tcp, 5433, ( 5.153.231.12/32 ))' + } + @ferm::rule { 'dsa-postgres-backup6': + domain => 'ip6', + description => 'Allow postgress access', + rule => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:12/128 ))' + } + } default: {} } # vpn fu