hot-fixes

salt-pillar/dhcp/init.sls

@@ -5,9 +5,10 @@ dhcp:
     time: 7776000
     max-time: 31536000
     opts:
-      domain-name: serv.zentralwerk.online
       #domain-name-servers:
       routers: 172.20.73.1
+    string-opts:
+      domain-name: serv.zentralwerk.online
 
   pub:
     start: 172.20.76.2
@@ -15,8 +16,9 @@ dhcp:
     time: 300
     max-time: 3600
     opts:
-      domain-name: pub.zentralwerk.online
       routers: 172.20.76.1
+    string-opts:
+      domain-name: pub.zentralwerk.online
 
   priv1:
     start: 172.20.74.2
@@ -24,8 +26,9 @@ dhcp:
     time: 3600
     max-time: 86400
     opts:
-      domain-name: priv1.zentralwerk.online
       routers: 172.20.74.1
+    string-opts:
+      domain-name: priv1.zentralwerk.online
 
   priv2:
     start: 172.20.75.2
@@ -33,5 +36,6 @@ dhcp:
     time: 3600
     max-time: 86400
     opts:
-      domain-name: priv2.zentralwerk.online
       routers: 172.20.75.1
+    string-opts:
+      domain-name: priv2.zentralwerk.online

salt/dhcp/dhcpd.conf

@@ -12,6 +12,9 @@ subnet {{ subnet.split('/')[0] }} netmask {{ netmasks[subnet.split('/')[1]] }} {
 {%-     for name, value in conf['opts'].items() %}
     option {{ name }} {{ value }};
 {%-     endfor %}
+{%-     for name, value in conf['string-opts'].items() %}
+    option {{ name }} "{{ value }}";
+{%-     endfor %}
 }
 {%-   endif %}
 {%- endfor %}

salt/switches/3com-4200G.expect

@@ -70,6 +70,8 @@ send "port link-aggregation group {{ group }}\r"
 expect "]"
 send "port link-type trunk\r"
 expect "]"
+send "port trunk pvid vlan 4094\r"
+expect "]"
 {%- for vlan_name in conf['vlans'] %}
 send "port trunk permit vlan {{ pillar['vlans'][vlan_name] }}\r"
 expect "]"

salt/upstream/iptables

@@ -1,6 +1,7 @@
 #!/bin/sh
 
 if [ "$IFACE" = "{{ upstream_iface }}" ]; then
+   iptables -A INPUT -i "$IFACE" -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i "$IFACE" -j DROP
    iptables -P INPUT ACCEPT
 fi