From cac04a5d8d95c185a6c587348a1dd44c4ad67172 Mon Sep 17 00:00:00 2001
From: Luca Filipozzi <lfilipoz@emyr.net>
Date: Sat, 11 Jan 2014 17:16:07 +0000
Subject: [PATCH] add another rule

---
 modules/roles/manifests/sip.pp | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/modules/roles/manifests/sip.pp b/modules/roles/manifests/sip.pp
index 7774b633..124d7b2a 100644
--- a/modules/roles/manifests/sip.pp
+++ b/modules/roles/manifests/sip.pp
@@ -1,15 +1,20 @@
 class roles::sip {
 	@ferm::rule { 'dsa-sip-ws':
 		domain      => 'ip',
-		description => 'SIP over WebSocket (for WebRTC)',
+		description => 'SIP connections (WebSocket; for WebRTC)',
 		rule        => 'proto tcp mod state state (NEW) dport (443) ACCEPT'
 	}
-	@ferm::rule { 'dsa-sip':
+	@ferm::rule { 'dsa-sip-tls':
 		domain      => 'ip',
 		description => 'SIP connections (TLS)',
 		rule        => 'proto tcp mod state state (NEW) dport (5061) ACCEPT'
 	}
 	@ferm::rule { 'dsa-turn':
+		domain      => 'ip',
+		description => 'TURN connections',
+		rule        => 'proto udp mod state state (NEW) dport (3478) ACCEPT'
+	}
+	@ferm::rule { 'dsa-turn-tls':
 		domain      => 'ip',
 		description => 'TURN connections (TLS)',
 		rule        => 'proto tcp mod state state (NEW) dport (5349) ACCEPT'
-- 
2.39.2