firewall: allow 8140 if puppet is available.

2015-09-16 18:22:28 +02:00 · 2015-09-16 18:22:28 +02:00 · d3bf7d12e2
parent 3a21bf0eae
commit d3bf7d12e2
1 changed files with 5 additions and 2 deletions
--- a/7
+++ b/7
@ -210,8 +210,11 @@ fw_start() {
    $IPT -A OUTPUT -j ACCEPT -p udp -o ${ILAN} --dport 123 -m state --state NEW -m comment --comment "NTP out"
  fi

-#  #### Puppet (connection, ... )
-#  $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 8140 -m state --state NEW -m comment --comment "Puppet out"
+  if [ $(command -v puppet) ]; then
+    #### Puppet (connection, ... )
+    $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 8140 -m state --state NEW -m comment --comment "Puppet out"
+  fi
+
  #### OpenPGP HTTP key server (add key, maj, ...)
  $IPT -A OUTPUT -j ACCEPT -p tcp -o ${ILAN} --dport 11371 -m state --state NEW -m comment --comment "OpenPGP req"