.

salt/states/chrony/files/local.conf.jinja

@@ -1,2 +1,2 @@
 local stratum 10
-allow {{ pillar['network']['address'] }}/{{ pillar['network']['netmask'] }}
+allow {{ pillar['network']['netaddress'] }}/{{ pillar['network']['netmask'] }}

salt/states/firewalld/init.sls

@@ -10,7 +10,7 @@ Configure firewalld for external interface:
     - services:
       - ssh
 
-Configure firewalld for internal networks:
+Configure firewalld for internal network:
   firewalld.present:
     - name: internal
     - prune_ports: True
@@ -18,6 +18,22 @@ Configure firewalld for internal networks:
     - prune_interfaces: True
     - interfaces:
       - {{ pillar['network']['interface']['internal'] }}
+    - services:
+      - ssh
+      - dhcp
+      - tftp
+      - http
+      - https
+      - dns
+      - ntp
+
+Configure firewalld for vlan networks:
+  firewalld.present:
+    - name: internal
+    - prune_ports: True
+    - prune_services: True
+    - prune_interfaces: True
+    - interfaces:
       {% for vlan in pillar['network']['vlan'] -%}
       - vlan.{{ vlan['id'] }}
       {% endfor %}