From: Stephen Gran <steve@lobefin.net>
Date: Sun, 7 Mar 2010 23:28:25 +0000 (+0000)
Subject: handel gets a firewall
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=535c22cc944d9da2a569dd883780c133db7dae21;p=dsa-puppet.git

handel gets a firewall

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/manifests/site.pp b/manifests/site.pp
index 7a8565db..7219eca2 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -91,7 +91,7 @@ node default {
     }
 
     case $hostname {
-        logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball: { include ferm }
+        logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball,handel: { include ferm }
     }
     case $hostname {
         piatti: {
@@ -125,6 +125,16 @@ node default {
 		    rule            => "&SERVICE_RANGE(tcp, time, \$HOST_NAGIOS_V4)"
 	   }
         }
+        handel: {
+	   @ferm::rule { "dsa-puppet":
+		    description     => "Allow puppet access",
+		    rule            => "&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V4)"
+	   }
+	   @ferm::rule { "dsa-puppet-v6":
+		    description     => "Allow puppet access",
+		    rule            => "&SERVICE_RANGE(tcp, 8140, \$HOST_DEBIAN_V6)"
+	   }
+        }
 
     }
     case $brokenhosts {