From c39d61cf889722e8e8d4d8f11d95797e8e0894b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9lix-Antoine=20Fortin?=
 <felix-antoine.fortin@calculquebec.ca>
Date: Tue, 17 Dec 2024 14:11:44 -0500
Subject: [PATCH] Add squid firewall rule

---
 site/profile/manifests/squid.pp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/site/profile/manifests/squid.pp b/site/profile/manifests/squid.pp
index a8e1507ec..e6ee839eb 100644
--- a/site/profile/manifests/squid.pp
+++ b/site/profile/manifests/squid.pp
@@ -5,6 +5,10 @@
 ) {
   include profile::consul
 
+  nftables::rule { 'default_in-squid':
+    content => "tcp dport 3128 accept comment \"Accept squid\"",
+  }
+
   class { 'squid': }
   squid::http_port { String($port): }
   squid::acl { 'SSL_ports':