fix unbound access control

author: Micah Anderson <micah@riseup.net> 2013-01-17 13:56:47 -0500
committer: Micah Anderson <micah@riseup.net> 2013-01-17 13:56:47 -0500
commit: 03d2b1aec2a9ccd61f4804277c80541698f1dab8 (patch)
tree: c9960fd714608eabebd5db29369464d730b4ebf5
parent: 4c649b08e215b229c280d0f15730418033b13fb9 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/puppet/modules/site_openvpn/manifests/resolver.pp b/puppet/modules/site_openvpn/manifests/resolver.pp
index eaa765fe..57a2d147 100644
--- a/puppet/modules/site_openvpn/manifests/resolver.pp
+++ b/puppet/modules/site_openvpn/manifests/resolver.pp
@@ -2,12 +2,12 @@ class site_openvpn::resolver {
 
   file {
     '/etc/unbound/conf.d/vpn_udp_resolver':
-      content => "interface: ${openvpn_udp_network_prefix}.1\naccess-control: ${openvpn_udp_network_prefix}.0/${openvpn_udp_netmask}\n",
+      content => "interface: ${openvpn_udp_network_prefix}.1\naccess-control: ${openvpn_udp_network_prefix}.0/${openvpn_udp_netmask} allow\n",
       owner => root, group => root, mode => '0644',
       require => Service['openvpn'];
 
     '/etc/unbound/conf.d/vpn_tcp_resolver':
-      content => "interface: ${openvpn_tcp_network_prefix}.1\naccess-control: ${openvpn_tcp_network_prefix}.0/${openvpn_tcp_netmask}\n",
+      content => "interface: ${openvpn_tcp_network_prefix}.1\naccess-control: ${openvpn_tcp_network_prefix}.0/${openvpn_tcp_netmask} allow\n",
       owner => root, group => root, mode => '0644',
       require => Service['openvpn'];
   }
author	Micah Anderson <micah@riseup.net>	2013-01-17 13:56:47 -0500
committer	Micah Anderson <micah@riseup.net>	2013-01-17 13:56:47 -0500
commit	03d2b1aec2a9ccd61f4804277c80541698f1dab8 (patch)
tree	c9960fd714608eabebd5db29369464d730b4ebf5
parent	4c649b08e215b229c280d0f15730418033b13fb9 (diff)