X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/18e12b0e123fc3e5f344682f884feabc12da0f5a..5e5cb7ccbcfcd4e3696ddcd0a3e5218c254e429d:/cookbooks/snmpd/recipes/default.rb diff --git a/cookbooks/snmpd/recipes/default.rb b/cookbooks/snmpd/recipes/default.rb index fd852357f..ccafc831c 100644 --- a/cookbooks/snmpd/recipes/default.rb +++ b/cookbooks/snmpd/recipes/default.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: snmpd +# Cookbook:: snmpd # Recipe:: default # -# Copyright 2013, OpenStreetMap Foundation +# Copyright:: 2013, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -37,11 +37,23 @@ template "/etc/snmp/snmpd.conf" do notifies :restart, "service[snmpd]" end -node[:snmpd][:clients].each do |address| +if node[:snmpd][:clients] + node[:snmpd][:clients].each do |address| + firewall_rule "accept-snmp" do + action :accept + family "inet" + source "net:#{address}" + dest "fw" + proto "udp" + dest_ports "snmp" + source_ports "1024:" + end + end +else firewall_rule "accept-snmp" do action :accept family "inet" - source "net:#{address}" + source "net" dest "fw" proto "udp" dest_ports "snmp"