From dbae346799300f8b36b337c24659b6693aaf7762 Mon Sep 17 00:00:00 2001
From: Jonas Forsberg
Date: Thu, 23 Sep 2021 11:23:59 +0200
Subject: [PATCH] .

---
 salt/states/chrony/files/local.conf.jinja | 2 +-
 salt/states/firewalld/init.sls | 18 +++++++++++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/salt/states/chrony/files/local.conf.jinja b/salt/states/chrony/files/local.conf.jinja
index 3d565e0..a2fa433 100644
--- a/salt/states/chrony/files/local.conf.jinja
+++ b/salt/states/chrony/files/local.conf.jinja
@@ -1,2 +1,2 @@
 local stratum 10
-allow {{ pillar['network']['address'] }}/{{ pillar['network']['netmask'] }}
+allow {{ pillar['network']['netaddress'] }}/{{ pillar['network']['netmask'] }}
diff --git a/salt/states/firewalld/init.sls b/salt/states/firewalld/init.sls
index ced4987..ac40df5 100644
--- a/salt/states/firewalld/init.sls
+++ b/salt/states/firewalld/init.sls
@@ -10,7 +10,7 @@ Configure firewalld for external interface:
 - services:
 - ssh
 
-Configure firewalld for internal networks:
+Configure firewalld for internal network:
 firewalld.present:
 - name: internal
 - prune_ports: True
@@ -18,6 +18,22 @@ Configure firewalld for internal networks:
 - prune_interfaces: True
 - interfaces:
 - {{ pillar['network']['interface']['internal'] }}
+ - services:
+ - ssh
+ - dhcp
+ - tftp
+ - http
+ - https
+ - dns
+ - ntp
+
+Configure firewalld for vlan networks:
+ firewalld.present:
+ - name: internal
+ - prune_ports: True
+ - prune_services: True
+ - prune_interfaces: True
+ - interfaces:
 {% for vlan in pillar['network']['vlan'] -%}
 - vlan.{{ vlan['id'] }}
 {% endfor %}
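Review bot: In `salt/states/chrony/files/local.conf.jinja` the `allow` line is the only access rule in this two-line template, and after the key change nothing states what `pillar['network']['netaddress']` and `pillar['network']['netmask']` must contain. chrony's `allow` takes a subnet as address/prefix-length, so a dotted mask or a host address in these pillar keys would, as far as I can tell, give a rule that is rejected or does not match the intended network, and a missing key fails the render. I would add a comment above the line, for example `# NTP clients: internal subnet only; netaddress = network base address, netmask = prefix length (e.g. 24)`.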
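Review bot: In `salt/states/firewalld/init.sls` (hunk `@@ -18,6 +18,22 @@`) the new `Configure firewalld for vlan networks` state targets the same zone as the state above it (`- name: internal`) while setting `prune_services: True` and `prune_interfaces: True` with no `services` list, so the two states appear to undo each other. As I read `firewalld.present`, the second state strips ssh/dhcp/tftp/http/https/dns/ntp and the internal interface from the zone on every run, and the first restores them and drops the VLAN interfaces. Whichever state runs last decides what the zone actually allows, and an interface pruned from `internal` falls back to the default zone's policy. Either give the VLANs their own zone, e.g. `- name: vlan` (example name) with an explicit `- services:` list, or keep the `{% for vlan in pillar['network']['vlan'] -%}` loop under the internal state's `- interfaces:`. The internal state begins in the previous hunk, and the file may continue past the `{% endfor %}`.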