move DROP blacklists to ferm prio 005, after munin

author Peter Palfrader <peter@palfrader.org>

Tue, 30 Oct 2018 09:45:11 +0000 (10:45 +0100)

committer Peter Palfrader <peter@palfrader.org>

Tue, 30 Oct 2018 09:45:11 +0000 (10:45 +0100)
author Peter Palfrader <peter@palfrader.org>
Tue, 30 Oct 2018 09:45:11 +0000 (10:45 +0100)
committer Peter Palfrader <peter@palfrader.org>
Tue, 30 Oct 2018 09:45:11 +0000 (10:45 +0100)
diff --git a/modules/roles/manifests/security_tracker.pp b/modules/roles/manifests/security_tracker.pp

index 0e94dd8..8e60d7c 100644 (file)
--- a/modules/roles/manifests/security_tracker.pp
+++ b/modules/roles/manifests/security_tracker.pp
@@ -11,7 +11,7 @@ class roles::security_tracker {
         #  66.170.99.1  20180706 excessive number of requests
         #  66.170.99.2  20180706 excessive number of requests
         @ferm::rule { 'dsa-sectracker-abusers':
-               prio  => "000",
+               prio  => "005",
                 rule  => "saddr (66.170.99.1 66.170.99.2) DROP",
         }
  
diff --git a/modules/roles/manifests/snapshot_web.pp b/modules/roles/manifests/snapshot_web.pp

index 1e7b44f..56b1a44 100644 (file)
--- a/modules/roles/manifests/snapshot_web.pp
+++ b/modules/roles/manifests/snapshot_web.pp
@@ -22,7 +22,7 @@ class roles::snapshot_web {
         # 20180821 mirroring
         #  99.137.191.34
         @ferm::rule { 'dsa-snapshot-abusers':
-               prio  => "000",
+               prio  => "005",
                 rule  => "saddr (61.69.254.110 18.128.0.0/9 3.120.0.0/14 35.156.0.0/14 52.58.0.0/15 99.137.191.34) DROP",
         }
author	Peter Palfrader <peter@palfrader.org>
	Tue, 30 Oct 2018 09:45:11 +0000 (10:45 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Tue, 30 Oct 2018 09:45:11 +0000 (10:45 +0100)
modules/roles/manifests/security_tracker.pp		patch \| blob \| history
modules/roles/manifests/snapshot_web.pp		patch \| blob \| history