fix firewall

manifests/firewall/iptables.pp

@@ -18,4 +18,27 @@ class puppet_cd::firewall::iptables (
       jump  => 'accept',
     }
   }
+
+  if $fqdn == $pt_db_fqdn {
+    if $pt_use_ssl_only != true {
+      firewall { "3${pt_no_ssl_port} open port ${pt_no_ssl_port}":
+        proto => 'tcp',
+        dport => $pt_no_ssl_port,
+        jump  => 'accept',
+      }
+      firewall { "3${pt_ssl_port} open port ${pt_ssl_port}":
+        proto => 'tcp',
+        dport => $pt_ssl_port,
+        jump  => 'accept',
+      }
+    }
+
+    if $pt_use_ssl_only == true {
+      firewall { "3${pt_ssl_port} open port ${pt_ssl_port}":
+        proto => 'tcp',
+        dport => $pt_ssl_port,
+        jump  => 'accept',
+      }
+    }
+  }
 }