From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 6 Jul 2013 17:07:05 +0000 (+0200)
Subject: postgresql access to franck from replica
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=f23179a9e0959a728bd7530db74d537509bf774a;p=dsa-puppet.git

postgresql access to franck from replica
---

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index ea6e4976..a459169f 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -62,6 +62,17 @@ class ferm::per-host {
 				rule		=> 'destination 78.8.208.246/32 proto tcp dport 25 jump DROP',
 			}
 		}
+		franck: {
+			@ferm::rule { 'dsa-postgres-danzi':
+				description     => 'Allow postgress access',
+				rule            => '&SERVICE_RANGE(tcp, 5433, ( 5.153.231.10/32 ))'
+			}
+			@ferm::rule { 'dsa-postgres-danzi6':
+				domain          => 'ip6',
+				description     => 'Allow postgress access',
+				rule            => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:10/128 ))'
+			}
+		}
 		danzi: {
 			@ferm::rule { 'dsa-postgres-danzi':
 				description     => 'Allow postgress access',