From a80107a59631233879218922768d88a919b71adc Mon Sep 17 00:00:00 2001
From: Gardouille
Date: Wed, 16 Sep 2015 18:28:29 +0200
Subject: [PATCH] firewall: allow OUTPUT: 8140 if a puppetmaster service file exists.
---
 firewall | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/firewall b/firewall
index dd65d6c..c20efc7 100755
--- a/firewall
+++ b/firewall
@@ -145,8 +145,10 @@ fw_start() {
 $IPT -A INPUT -j ACCEPT -p udp -i "${ILAN}" -d "${IPLAN}" --sport 67:68 --dport 67:68 -m state --state NEW -m comment --comment "New DHCPD in"
 fi
- #### PuppetMaster
- #$IPT -A INPUT -j ACCEPT -p tcp -i "${ILAN}" -s "${LAN}" -d "${IPLAN}" --dport 8140 -m state --state NEW -m comment --comment "New Puppet in"
+ if [ -f /etc/init.d/puppetmaster ] || [ -f /etc/systemd/system/puppetmaster.service ]; then
+ #### PuppetMaster
+ $IPT -A INPUT -j ACCEPT -p tcp -i "${ILAN}" -s "${LAN}" -d "${IPLAN}" --dport 8140 -m state --state NEW -m comment --comment "New Puppet in"
+ fi
 #### NFS Server
 #$IPT -A INPUT -j ACCEPT -p tcp -i "${ILAN}" -d "${IPLAN}" --dport 111 -m state --state NEW -m comment --comment "NFS out"
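Review bot: The new guard in fw_start() keys the 8140/tcp INPUT rule on the mere presence of `/etc/init.d/puppetmaster` or `/etc/systemd/system/puppetmaster.service`, so the port is accepted from `${LAN}` on any host where one of those files exists, even if the service is disabled or stopped. Packaged systemd units usually live under `/lib/systemd/system` or `/usr/lib/systemd/system`, so the second test may also miss a real master on a systemd-only host; this should be confirmed on the target distribution. If file presence is the intended trigger, state it above the test, e.g. `# Open 8140/tcp from ${LAN} when a puppetmaster init script or unit file is installed (not necessarily enabled)`. The subject line says OUTPUT, but the rule is appended to the INPUT chain with the comment "New Puppet in", and the hunk shows no OUTPUT rule, which will mislead anyone auditing the firewall history. fw_start() starts and ends outside this hunk.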