X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fsecurity_tracker.pp;h=4aa42196f6628b9dde83f8c89b22346832c55875;hb=ce56fe800e103dfe7f2d1d2011942eb06313a0fb;hp=0e94dd87eeea347da548b1a48febea40310db5e9;hpb=d93c128dcb7cadeaf336630b8d5562d33c6080c1;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/security_tracker.pp b/modules/roles/manifests/security_tracker.pp
index 0e94dd87e..4aa42196f 100644
--- a/modules/roles/manifests/security_tracker.pp
+++ b/modules/roles/manifests/security_tracker.pp
@@ -4,14 +4,14 @@ class roles::security_tracker {
 	include apache2::expires
 
 	apache2::module { 'cache_disk':
-		ensure => present,
+		ensure => absent,
 	}
 
 	# security-tracker abusers
 	#  66.170.99.1  20180706 excessive number of requests
 	#  66.170.99.2  20180706 excessive number of requests
-	@ferm::rule { 'dsa-sectracker-abusers':
-		prio  => "000",
+	ferm::rule { 'dsa-sectracker-abusers':
+		prio  => "005",
 		rule  => "saddr (66.170.99.1 66.170.99.2) DROP",
 	}
 
@@ -27,7 +27,7 @@ class roles::security_tracker {
 	}
 
 	# traffic shaping http traffic
-	#@ferm::rule { 'dsa-security-tracker-shape':
+	#ferm::rule { 'dsa-security-tracker-shape':
 	#	table => 'mangle',
 	#	chain => 'OUTPUT',
 	#	rule  => "proto tcp sport 443 MARK set-mark 20",