fix rule

author Peter Palfrader <peter@palfrader.org>

Fri, 6 Jul 2018 09:33:19 +0000 (11:33 +0200)

committer Peter Palfrader <peter@palfrader.org>

Fri, 6 Jul 2018 09:33:19 +0000 (11:33 +0200)
author Peter Palfrader <peter@palfrader.org>
Fri, 6 Jul 2018 09:33:19 +0000 (11:33 +0200)
committer Peter Palfrader <peter@palfrader.org>
Fri, 6 Jul 2018 09:33:19 +0000 (11:33 +0200)
diff --git a/modules/roles/manifests/security_tracker.pp b/modules/roles/manifests/security_tracker.pp

index 40ed08a..eafe924 100644 (file)
--- a/modules/roles/manifests/security_tracker.pp
+++ b/modules/roles/manifests/security_tracker.pp
@@ -17,7 +17,7 @@ class roles::security_tracker {
         @ferm::rule { 'dsa-security-tracker-shape':
                 table => 'mangle',
                 chain => 'OUTPUT',
-               rule  => "proto tcp dport 443 MARK set-mark 20",
+               rule  => "proto tcp sport 443 MARK set-mark 20",
         }
  
         file { '/usr/local/sbin/traffic-shape':
author	Peter Palfrader <peter@palfrader.org>
	Fri, 6 Jul 2018 09:33:19 +0000 (11:33 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 6 Jul 2018 09:33:19 +0000 (11:33 +0200)