From 933a435be9011842794575b865d1bb4a38f2ae87 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Mon, 23 Sep 2019 18:58:22 +0200 Subject: [PATCH] Drop explicit 5.153.231.125 and 5.153.231.126 from the bacula-sd firewall allow. If we still need them we should learn that this way --- modules/bacula/manifests/storage.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/bacula/manifests/storage.pp b/modules/bacula/manifests/storage.pp index 63de0de3e..39e619dfa 100644 --- a/modules/bacula/manifests/storage.pp +++ b/modules/bacula/manifests/storage.pp @@ -47,7 +47,7 @@ class bacula::storage inherits bacula { ferm::rule { 'dsa-bacula-sd': domain => '(ip ip6)', description => 'Allow bacula-sd access from director and clients (i.e. all of Debian)', - rule => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN 5.153.231.125 5.153.231.126) ACCEPT; }', + rule => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN) ACCEPT; }', notarule => true, } -- 2.20.1