restrict stunnel to debian hosts

author Peter Palfrader <peter@palfrader.org>

Mon, 21 Mar 2011 12:04:09 +0000 (13:04 +0100)

committer Peter Palfrader <peter@palfrader.org>

Mon, 21 Mar 2011 12:04:09 +0000 (13:04 +0100)
author Peter Palfrader <peter@palfrader.org>
Mon, 21 Mar 2011 12:04:09 +0000 (13:04 +0100)
committer Peter Palfrader <peter@palfrader.org>
Mon, 21 Mar 2011 12:04:09 +0000 (13:04 +0100)
diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp

index b26cdbc55f6691bf43caf804760c0a56c167ddb2..16a5c26d06c2deb2d0c62b59e2c41ec39c645f78 100644 (file)
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -29,9 +29,13 @@ class stunnel4 {
          @ferm::rule {
              "stunnel-${name}":
                  description => "stunnel ${name}",
-                rule => "&TCP_UDP_SERVICE(${accept})",
-                domain => "(ip ip6)",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V4)",
                  ;
+            "stunnel-${name}-v6":
+                domain          => 'ip6',
+                description => "stunnel ${name}",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V6)",
+            }
          }
      }
      define stunnel_client($accept, $connecthost, $connectport) {
author	Peter Palfrader <peter@palfrader.org>
	Mon, 21 Mar 2011 12:04:09 +0000 (13:04 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Mon, 21 Mar 2011 12:04:09 +0000 (13:04 +0100)