
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 123
#a# accept
#i# cluster
#n# ssh
#t# servers
#
#   |--------------------------------------------------------------------|
#d# Allow ssh connections from the firewall/dmz/etc. to an external host.
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

for host in `Option_Value accept $INTOPT ssh servers`
do
	echo "Accept $INTOPT $IPADDR SSH -> $host SSH $LOG_MSG"
	if [ "$CLUSTER_NAME" ]
	then
		ipchains -A $OUTCHAIN -j ACCEPT -p tcp ! -y -s $host   ssh       -d $IPADDR $SSHPORTS $LOG
		ipchains -A $INCHAIN  -j ACCEPT -p tcp      -s $IPADDR $SSHPORTS -d $host   ssh       $LOG
	else
		ipchains -A $INCHAIN  -j ACCEPT -p tcp ! -y -s $host   ssh       -d $IPADDR $SSHPORTS $LOG
		ipchains -A $OUTCHAIN -j ACCEPT -p tcp      -s $IPADDR $SSHPORTS -d $host   ssh       $LOG
	fi
done
unset host

