From 933a435be9011842794575b865d1bb4a38f2ae87 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 23 Sep 2019 18:58:22 +0200
Subject: [PATCH] Drop explicit 5.153.231.125 and 5.153.231.126 from the
 bacula-sd firewall allow.  If we still need them we should learn that this
 way

---
 modules/bacula/manifests/storage.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/bacula/manifests/storage.pp b/modules/bacula/manifests/storage.pp
index 63de0de3e..39e619dfa 100644
--- a/modules/bacula/manifests/storage.pp
+++ b/modules/bacula/manifests/storage.pp
@@ -47,7 +47,7 @@ class bacula::storage inherits bacula {
   ferm::rule { 'dsa-bacula-sd':
     domain      => '(ip ip6)',
     description => 'Allow bacula-sd access from director and clients (i.e. all of Debian)',
-    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN 5.153.231.125 5.153.231.126) ACCEPT; }',
+    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN) ACCEPT; }',
     notarule    => true,
   }
 
-- 
2.20.1