[MediaWiki-commits] [Gerrit] Revert "nrpe: iptables accept neon public IP address" - change (operations/puppet)

Wed, 20 Nov 2013 08:35:39 -0800 

Akosiaris has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/96512


Change subject: Revert "nrpe: iptables accept neon public IP address"
......................................................................

Revert "nrpe: iptables accept neon public IP address"

Not needed since https://gerrit.wikimedia.org/r/96511

This reverts commit ffb390f1b8bdd4187d28d57b79cb794e12a052ac.

Change-Id: I48ec1822b5b0824b8bdb98496859ae2502630abb
---
M modules/nrpe/manifests/init.pp
1 file changed, 1 insertion(+), 4 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/12/96512/1

diff --git a/modules/nrpe/manifests/init.pp b/modules/nrpe/manifests/init.pp
index 0a2c154..5cedff3 100644
--- a/modules/nrpe/manifests/init.pp
+++ b/modules/nrpe/manifests/init.pp
@@ -73,10 +73,7 @@
 
     # firewall nrpe-server, only accept nrpe/5666 from internal
     ferm::rule { 'nrpe_5666':
-        # FIXME: 208.80.154.14 is neon address. That is the source address
-        # whenever checking hosts on their public IP address. Should instead
-        # allow Wikimedia networks.
-        rule => 'proto tcp dport 5666 { saddr (208.80.154.14 $INTERNAL) 
ACCEPT; DROP; }'
+        rule => 'proto tcp dport 5666 { saddr $INTERNAL ACCEPT; DROP; }'
     }
 
     #Collect virtual nrpe checks

-- 
To view, visit https://gerrit.wikimedia.org/r/96512
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I48ec1822b5b0824b8bdb98496859ae2502630abb
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Akosiaris <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to