X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/f7e802a51133ff2331798a7b54c0f0670ec43ce1..f351c6a2475050bcadfce28bdbe303eda9654059:/cookbooks/snmpd/recipes/default.rb?ds=inline diff --git a/cookbooks/snmpd/recipes/default.rb b/cookbooks/snmpd/recipes/default.rb index b5bccce4b..98e4c400b 100644 --- a/cookbooks/snmpd/recipes/default.rb +++ b/cookbooks/snmpd/recipes/default.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: snmpd +# Cookbook:: snmpd # Recipe:: default # -# Copyright 2013, OpenStreetMap Foundation +# Copyright:: 2013, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -32,7 +32,7 @@ template "/etc/snmp/snmpd.conf" do source "snmpd.conf.erb" owner "root" group "root" - mode 0o600 + mode "600" variables :communities => communities notifies :restart, "service[snmpd]" end @@ -60,3 +60,27 @@ else source_ports "1024:" end end + +if node[:snmpd][:clients6] + node[:snmpd][:clients6].each do |address| + firewall_rule "accept-snmp" do + action :accept + family "inet6" + source "net:#{address}" + dest "fw" + proto "udp" + dest_ports "snmp" + source_ports "1024:" + end + end +else + firewall_rule "accept-snmp" do + action :accept + family "inet6" + source "net" + dest "fw" + proto "udp" + dest_ports "snmp" + source_ports "1024:" + end +end