rule => '&SERVICE(udp, 69)'
}
}
- #paganini: {
- # @ferm::rule { 'dsa-dhcp':
- # description => 'Allow dhcp access',
- # rule => '&SERVICE(udp, 67)'
- # }
- # @ferm::rule { 'dsa-tftp':
- # description => 'Allow tftp access',
- # rule => '&SERVICE(udp, 69)'
- # }
- #}
lotti,lully: {
@ferm::rule { 'dsa-syslog':
description => 'Allow syslog access',
description => 'Allow postgress access',
rule => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:10/128 ))'
}
+
+ @ferm::rule { 'dsa-postgres-backup':
+ description => 'Allow postgress access',
+ rule => '&SERVICE_RANGE(tcp, 5433, ( 5.153.231.12/32 ))'
+ }
+ @ferm::rule { 'dsa-postgres-backup6':
+ domain => 'ip6',
+ description => 'Allow postgress access',
+ rule => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:12/128 ))'
+ }
}
bmdb1: {
@ferm::rule { 'dsa-postgres-main':
rule => '&SERVICE_RANGE(tcp, 5432, ( 2001:41c8:1000:21::21:12/128 ))'
}
}
+ sibelius: {
+ @ferm::rule { 'dsa-postgres-backup':
+ description => 'Allow postgress access',
+ rule => '&SERVICE_RANGE(tcp, 5433, ( 5.153.231.12/32 ))'
+ }
+ @ferm::rule { 'dsa-postgres-backup6':
+ domain => 'ip6',
+ description => 'Allow postgress access',
+ rule => '&SERVICE_RANGE(tcp, 5433, ( 2001:41c8:1000:21::21:12/128 ))'
+ }
+ }
default: {}
}
# vpn fu