X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/aeaa46f3071de018b5c5e0f5678cb5b4082e3ddc..a9d45436d97848d3c7724f1759b7d01d48909e7f:/cookbooks/snmpd/recipes/default.rb diff --git a/cookbooks/snmpd/recipes/default.rb b/cookbooks/snmpd/recipes/default.rb index 98e4c400b..f4a57fef2 100644 --- a/cookbooks/snmpd/recipes/default.rb +++ b/cookbooks/snmpd/recipes/default.rb @@ -23,11 +23,6 @@ communities = data_bag_item("snmpd", "communities") package "snmpd" -service "snmpd" do - action [:enable, :start] - supports :status => true, :restart => true -end - template "/etc/snmp/snmpd.conf" do source "snmpd.conf.erb" owner "root" @@ -37,50 +32,16 @@ template "/etc/snmp/snmpd.conf" do notifies :restart, "service[snmpd]" end -if node[:snmpd][:clients] - node[:snmpd][:clients].each do |address| - firewall_rule "accept-snmp" do - action :accept - family "inet" - source "net:#{address}" - dest "fw" - proto "udp" - dest_ports "snmp" - source_ports "1024:" - end - end -else - firewall_rule "accept-snmp" do - action :accept - family "inet" - source "net" - dest "fw" - proto "udp" - dest_ports "snmp" - source_ports "1024:" - end +service "snmpd" do + action [:enable, :start] + supports :status => true, :restart => true end -if node[:snmpd][:clients6] - node[:snmpd][:clients6].each do |address| - firewall_rule "accept-snmp" do - action :accept - family "inet6" - source "net:#{address}" - dest "fw" - proto "udp" - dest_ports "snmp" - source_ports "1024:" - end - end -else - firewall_rule "accept-snmp" do - action :accept - family "inet6" - source "net" - dest "fw" - proto "udp" - dest_ports "snmp" - source_ports "1024:" - end +firewall_rule "accept-snmp" do + action :accept + context :incoming + protocol :udp + source node[:snmpd][:clients] if node[:snmpd][:clients] + dest_ports "snmp" + source_ports "1024-65535" end