From afe8043a8dcc9ea09763565b40d9ba061b68ba36 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 19 Jul 2019 16:05:22 +0200
Subject: [PATCH] Block 198.108.67.48 from security mirrors for breaking rsync

---
 modules/roles/manifests/security_mirror.pp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/modules/roles/manifests/security_mirror.pp b/modules/roles/manifests/security_mirror.pp
index 20de54785..a949cfe39 100644
--- a/modules/roles/manifests/security_mirror.pp
+++ b/modules/roles/manifests/security_mirror.pp
@@ -1,6 +1,13 @@
 class roles::security_mirror {
 	include roles::archvsync_base
 
+	# security abusers
+	#  198.108.67.48 DoS against our rsync service
+	@ferm::rule { 'dsa-security-abusers':
+		prio  => "005",
+		rule  => "saddr ( 198.108.67.48/32 ) DROP",
+	}
+
 	$binds = $::hostname ? {
 		mirror-anu      => [ '150.203.164.61', '[2001:388:1034:2900::3d]' ],
 		mirror-isc      => [ '149.20.4.14', '[2001:4f8:1:c::14]' ],
-- 
2.20.1