make from-mgmt actually work

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 3fe2d09ce29bf568694a44d2a421e6cb81ee0b75..a50e8bd89a0c52f5aa143f1255bd4f1d4b37b53e 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -225,7 +225,7 @@ REJECT reject-with icmp-admin-prohibited
        if $::hostname in [rautavaara] {
                @ferm::rule { 'dsa-from-mgmt':
                        description     => 'Traffic routed from mgmt net vlan/bridge',
-                       chain           => 'from-mgmt',
+                       chain           => 'INPUT',
                        rule            => 'interface eth1 ACCEPT'
                }
                @ferm::rule { 'dsa-mgmt-mark':