From 4089b81114c9ce7bd885194cb47204015c182a94 Mon Sep 17 00:00:00 2001
From: Tollef Fog Heen <tfheen@err.no>
Date: Fri, 2 Feb 2018 11:54:23 +0100
Subject: [PATCH] No more conntrackd in bm, so drop firewall opening

---
 modules/ferm/manifests/per_host.pp | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp
index e8d445a5d..e527d3c97 100644
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -98,9 +98,6 @@ class ferm::per_host {
 			@ferm::rule { 'dsa-vrrp':
 				rule            => 'proto vrrp daddr 224.0.0.18 jump ACCEPT',
 			}
-			@ferm::rule { 'dsa-conntrackd':
-				rule            => 'interface vlan2 daddr 225.0.0.50 jump ACCEPT',
-			}
 			@ferm::rule { 'dsa-bind-notrack-in':
 				domain      => 'ip',
 				description => 'NOTRACK for nameserver traffic',
-- 
2.20.1