From 4e2859018cc13954c88c6f13a5d03e12545a009c Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Thu, 27 Feb 2014 09:07:32 +0100 Subject: disable rules requiring newer ufw --- .../etc/puppet/modules/sunet/manifests/server.pp | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp index c4622fa..72d8d49 100644 --- a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp +++ b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp @@ -6,16 +6,17 @@ define sunet::server() { # Add prerequisites for ethernet bonding, if physical server sunet::ethernet_bonding { 'sunet_ethernet_bonding': } - # Ignore IPv6 multicast - ufw::deny { 'ignore_v6_multicast': - ip => 'ff02::1', - proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :( - } +# Removed until SWAMID hosts can have their ufw module updated / ft +# # Ignore IPv6 multicast +# ufw::deny { 'ignore_v6_multicast': +# ip => 'ff02::1', +# proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :( +# } - # Ignore IPv6 multicast PIM router talk - ufw::deny { 'ignore_v6_multicast_PIM': - ip => 'ff02::d', - proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :( - } +# # Ignore IPv6 multicast PIM router talk +# ufw::deny { 'ignore_v6_multicast_PIM': +# ip => 'ff02::d', +# proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :( +# } } -- cgit v1.1