blacklist more amazon aws

diff --git a/modules/roles/manifests/snapshot_web.pp b/modules/roles/manifests/snapshot_web.pp
index 8ffa4d8..a965136 100644 (file)
--- a/modules/roles/manifests/snapshot_web.pp
+++ b/modules/roles/manifests/snapshot_web.pp
@@ -4,11 +4,24 @@ class roles::snapshot_web {
 
        # snapshot abusers
        #  61.69.254.110 - 20180705, mirroring with wget
-       #  18.185.157.46  - 20180821 large amount of requests way too fast
-       #  18.194.174.202 - 20180821 large amount of requests way too fast
+       # 20180821 large amount of requests way too fast from some amazon AWS instances
+       #  18.185.157.46
+       #  18.194.174.202
+       #  18.184.181.169
+       #  18.184.5.230
+       #  18.194.137.96
+       #  18.197.147.183
+       #  3.120.39.137
+       #  3.120.41.69
+       #  35.158.129.130
+       #  52.59.199.25
+       #  52.59.228.158
+       #  52.59.245.42
+       #  52.59.253.41
+       #  52.59.71.13
        @ferm::rule { 'dsa-snapshot-abusers':
                prio  => "000",
-               rule  => "saddr (61.69.254.110 18.185.157.46 18.194.174.202) DROP",
+               rule  => "saddr (61.69.254.110 18.185.157.46 18.194.174.202 18.184.181.169 18.184.5.230 18.194.137.96 18.197.147.183 3.120.39.137 3.120.41.69 35.158.129.130 52.59.199.25 52.59.228.158 52.59.245.42 52.59.253.41 52.59.71.13) DROP",
        }
 
        ensure_packages ( [