aboutsummaryrefslogtreecommitdiff
path: root/manifests/physical.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/physical.pp')
-rw-r--r--manifests/physical.pp14
1 files changed, 13 insertions, 1 deletions
diff --git a/manifests/physical.pp b/manifests/physical.pp
index 4805a53..055b010 100644
--- a/manifests/physical.pp
+++ b/manifests/physical.pp
@@ -1,6 +1,5 @@
class nodo::physical inherits nodo {
include syslog-ng
- include firewall
include initramfs
include modprobe
include firewire
@@ -11,6 +10,19 @@ class nodo::physical inherits nodo {
include resolver
include monkeysphere_nodo
+ # SSL computational DoS mitigation
+ # See http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
+ $firewall_ssl_ratelimit = $firewall_ssl_ratelimit ? {
+ '' => $firewall_global_ssl_ratelimit ? {
+ '' => '-',
+ default => $firewall_global_ssl_ratelimit,
+ },
+ default => $firewall_ssl_ratelimit,
+ }
+
+ # Firewall configuration
+ include firewall
+
# Vserver configuration
$vserver_vdirbase = "/var/vservers"
include vserver::host
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-13 05:38:42 +0000