From 6d43efc5481736aae0e3bdb691ace23b91313d52 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 17 Jul 2010 14:07:29 -0300
Subject: SNMP firewall rules for printers

---
 manifests/subsystems/firewall.pp | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'manifests')

diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp
index 759562b..6c0b9b7 100644
--- a/manifests/subsystems/firewall.pp
+++ b/manifests/subsystems/firewall.pp
@@ -303,7 +303,7 @@ class firewall::printer {
     order           => "201",
   }
 
-  shorewall::rule { "hp-pdl-datastr-tcp":
+  shorewall::rule { "hplip-tcp":
     action          => 'ACCEPT',
     source          => 'net',
     destination     => '$FW',
@@ -313,7 +313,7 @@ class firewall::printer {
     order           => "200",
   }
 
-  shorewall::rule { "hp-pdl-datastr-udp":
+  shorewall::rule { "hplip-udp":
     action          => 'ACCEPT',
     source          => 'net',
     destination     => '$FW',
@@ -322,4 +322,24 @@ class firewall::printer {
     ratelimit       => '-',
     order           => "201",
   }
+
+  shorewall::rule { "snmp-tcp":
+    action          => 'ACCEPT',
+    source          => 'net',
+    destination     => '$FW',
+    proto           => 'tcp',
+    destinationport => "161",
+    ratelimit       => '-',
+    order           => "200",
+  }
+
+  shorewall::rule { "snmp-udp":
+    action          => 'ACCEPT',
+    source          => 'net',
+    destination     => '$FW',
+    proto           => 'udp',
+    destinationport => "161",
+    ratelimit       => '-',
+    order           => "201",
+  }
 }
-- 
cgit v1.2.3