Dzahn has submitted this change and it was merged.
Change subject: ud2plog: open hole for monitoring, nrpe from icinga
......................................................................
ud2plog: open hole for monitoring, nrpe from icinga
As a follow-up to I5859dbce6da06a, opening a firewall hole to let
icinga connect via NRPE on tcp/5666 for monitoring checks, because
after that merge they started failing.
Change-Id: I4f64ab071ab3252c4d14e615a555781cf23bb6c6
---
M manifests/misc/udp2log.pp
1 file changed, 7 insertions(+), 0 deletions(-)
Approvals:
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/manifests/misc/udp2log.pp b/manifests/misc/udp2log.pp
index 1f76f05..089fbe5 100644
--- a/manifests/misc/udp2log.pp
+++ b/manifests/misc/udp2log.pp
@@ -395,4 +395,11 @@
rule => 'proto !udp ACCEPT;',
prio => 12,
}
+
+ # let monitoring host connect via NRPE
+ ferm::rule { 'udp2log_accept_icinga_nrpe':
+ rule => 'proto tcp dport 5666 { saddr $INTERNAL ACCEPT; }',
+ prio => 13,
+ }
+
}
--
To view, visit https://gerrit.wikimedia.org/r/184791
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I4f64ab071ab3252c4d14e615a555781cf23bb6c6
Gerrit-PatchSet: 3
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
