Allow alioth to access the bind on denis

author Peter Palfrader <peter@palfrader.org>

Thu, 29 May 2014 17:52:57 +0000 (19:52 +0200)

committer Peter Palfrader <peter@palfrader.org>

Thu, 29 May 2014 17:53:48 +0000 (19:53 +0200)
author Peter Palfrader <peter@palfrader.org>
Thu, 29 May 2014 17:52:57 +0000 (19:52 +0200)
committer Peter Palfrader <peter@palfrader.org>
Thu, 29 May 2014 17:53:48 +0000 (19:53 +0200)
diff --git a/modules/named/manifests/init.pp b/modules/named/manifests/init.pp

index a178271bc2922749391847a61e2d87e52e280cbd..8f1d39c93c94b33e4b8975ef09da39cd7a3da5fc 100644 (file)
--- a/modules/named/manifests/init.pp
+++ b/modules/named/manifests/init.pp
@@ -25,12 +25,12 @@ class named {
                 @ferm::rule { '01-dsa-bind-4':
                         domain      => '(ip)',
                         description => 'Allow nameserver access',
-                       rule        => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_SECONDARY_V4 $HOST_DNS_GEO_V4 $HOST_NAGIOS_V4 $HOST_RCODE0_V4 $HOST_EASYDNS_V4 ) )',
+                       rule        => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_SECONDARY_V4 $HOST_DNS_GEO_V4 $HOST_NAGIOS_V4 $HOST_RCODE0_V4 $HOST_EASYDNS_V4 5.153.231.21 ) )',
                 }
                 @ferm::rule { '01-dsa-bind-6':
                         domain      => '(ip6)',
                         description => 'Allow nameserver access',
-                       rule        => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_SECONDARY_V6 $HOST_DNS_GEO_V6 $HOST_NAGIOS_V6 $HOST_RCODE0_V6 ) )',
+                       rule        => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_SECONDARY_V6 $HOST_DNS_GEO_V6 $HOST_NAGIOS_V6 $HOST_RCODE0_V6 2001:41c8:1000:21::21:21 ) )',
                 }
         } else {
                 @ferm::rule { '01-dsa-bind':
author	Peter Palfrader <peter@palfrader.org>
	Thu, 29 May 2014 17:52:57 +0000 (19:52 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Thu, 29 May 2014 17:53:48 +0000 (19:53 +0200)