From 289edda356da398ff1edb2487b3c6198eb774c00 Mon Sep 17 00:00:00 2001
From: Luca Filipozzi <lfilipoz@emyr.net>
Date: Sun, 16 Aug 2015 13:52:12 +0000
Subject: [PATCH] RT #4908 - deploy XMPP service

---
 modules/roles/manifests/rtc.pp | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/modules/roles/manifests/rtc.pp b/modules/roles/manifests/rtc.pp
index 497ff62a..c5e9da3d 100644
--- a/modules/roles/manifests/rtc.pp
+++ b/modules/roles/manifests/rtc.pp
@@ -36,6 +36,27 @@ class roles::rtc {
 		require     => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain'],
 	}
 
+	@ferm::rule { 'dsa-xmpp-client-ip4':
+		domain      => 'ip',
+		description => 'XMPP connections (client to server)',
+		rule        => 'proto tcp dport (5222) ACCEPT'
+	}
+	@ferm::rule { 'dsa-xmpp-client-ip6':
+		domain      => 'ip6',
+		description => 'XMPP connections (client to server)',
+		rule        => 'proto tcp dport (5222) ACCEPT'
+	}
+	@ferm::rule { 'dsa-xmpp-server-ip4':
+		domain      => 'ip',
+		description => 'XMPP connections (server to server)',
+		rule        => 'proto tcp dport (5269) ACCEPT'
+	}
+	@ferm::rule { 'dsa-xmpp-server-ip6':
+		domain      => 'ip6',
+		description => 'XMPP connections (server to server)',
+		rule        => 'proto tcp dport (5269) ACCEPT'
+	}
+
 	@ferm::rule { 'dsa-sip-ws-ip4':
 		domain      => 'ip',
 		description => 'SIP connections (WebSocket; for WebRTC)',
-- 
2.39.2