Drop explicit 5.153.231.125 and 5.153.231.126 from the bacula-sd firewall allow....

author Peter Palfrader <peter@palfrader.org>

Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)

committer Peter Palfrader <peter@palfrader.org>

Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)
author Peter Palfrader <peter@palfrader.org>
Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)
committer Peter Palfrader <peter@palfrader.org>
Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)
diff --git a/modules/bacula/manifests/storage.pp b/modules/bacula/manifests/storage.pp

index 63de0de..39e619d 100644 (file)
--- a/modules/bacula/manifests/storage.pp
+++ b/modules/bacula/manifests/storage.pp
@@ -47,7 +47,7 @@ class bacula::storage inherits bacula {
    ferm::rule { 'dsa-bacula-sd':
      domain      => '(ip ip6)',
      description => 'Allow bacula-sd access from director and clients (i.e. all of Debian)',
-    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN 5.153.231.125 5.153.231.126) ACCEPT; }',
+    rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN) ACCEPT; }',
      notarule    => true,
    }
author	Peter Palfrader <peter@palfrader.org>
	Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)