X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/blobdiff_plain/a51387b870b88439f6d75ead15c22281dd5e4bff..599a99d3b90eb0ba81ba09cca4d69fff45f6eae6:/src/plugins/firewall.sml

diff --git a/src/plugins/firewall.sml b/src/plugins/firewall.sml
index cb2893b..fe718f1 100644
--- a/src/plugins/firewall.sml
+++ b/src/plugins/firewall.sml
@@ -1,6 +1,6 @@
 (* HCoop Domtool (http://hcoop.sourceforge.net/)
  * Copyright (c) 2006-2007, Adam Chlipala
- * Copyright (c) 2011 Clinton Ebadi
+ * Copyright (c) 2011,2012,2013 Clinton Ebadi
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
@@ -70,10 +70,10 @@ fun parseRules () =
 		      | "Server" :: ports :: hosts =>
 			confLine_in (node, uname, String.concat ["dport ", parsePorts ports, parseHosts "saddr" hosts, " ACCEPT;"])
 		      | ["ProxiedServer", ports] =>
-			(* should this also allow access on lo? fixme: open output ports on apache node *)
+			(* should this also allow access on lo? *)
 			(confLine_in (node, uname, String.concat ["saddr $WEBNODES dport ", parsePorts ports, " ACCEPT;"]);
 			 (* Warning: duplicates code of Client case *)
-			 List.map (fn (node, _) => confLine_out (node, uname, String.concat ["dport ", parsePorts ports, Domain.nodeIp node, " ACCEPT;"] )) 
+			 List.map (fn (wnode, _) => confLine_out (wnode, uname, String.concat ["dport ", parsePorts ports, " daddr ", Domain.nodeIp node, " ACCEPT;"] )) 
 				  Config.Apache.webNodes_all; ())
 		      | ["LocalServer", ports] =>
 			confLine_in (node, uname, String.concat ["saddr 127.0.0.1/8 dport ", parsePorts ports, " ACCEPT;"])