From 03d2b1aec2a9ccd61f4804277c80541698f1dab8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 17 Jan 2013 13:56:47 -0500 Subject: fix unbound access control --- puppet/modules/site_openvpn/manifests/resolver.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_openvpn/manifests/resolver.pp b/puppet/modules/site_openvpn/manifests/resolver.pp index eaa765fe..57a2d147 100644 --- a/puppet/modules/site_openvpn/manifests/resolver.pp +++ b/puppet/modules/site_openvpn/manifests/resolver.pp @@ -2,12 +2,12 @@ class site_openvpn::resolver { file { '/etc/unbound/conf.d/vpn_udp_resolver': - content => "interface: ${openvpn_udp_network_prefix}.1\naccess-control: ${openvpn_udp_network_prefix}.0/${openvpn_udp_netmask}\n", + content => "interface: ${openvpn_udp_network_prefix}.1\naccess-control: ${openvpn_udp_network_prefix}.0/${openvpn_udp_netmask} allow\n", owner => root, group => root, mode => '0644', require => Service['openvpn']; '/etc/unbound/conf.d/vpn_tcp_resolver': - content => "interface: ${openvpn_tcp_network_prefix}.1\naccess-control: ${openvpn_tcp_network_prefix}.0/${openvpn_tcp_netmask}\n", + content => "interface: ${openvpn_tcp_network_prefix}.1\naccess-control: ${openvpn_tcp_network_prefix}.0/${openvpn_tcp_netmask} allow\n", owner => root, group => root, mode => '0644', require => Service['openvpn']; } -- cgit v1.2.3