[MediaWiki-commits] [Gerrit] operations/puppet[production]: tcpircbot: remove localhost from ferm rule

Fri, 23 Sep 2016 08:51:14 -0700 

Alexandros Kosiaris has submitted this change and it was merged.

Change subject: tcpircbot: remove localhost from ferm rule
......................................................................


tcpircbot: remove localhost from ferm rule

It's not needed, ferm accepts all loopback traffic.

Change-Id: Ice812d7540c4ce828e1284d9051cafc7e5588b03
---
M manifests/role/tcpircbot.pp
1 file changed, 2 insertions(+), 2 deletions(-)

Approvals:
  Alexandros Kosiaris: Verified; Looks good to me, approved



diff --git a/manifests/role/tcpircbot.pp b/manifests/role/tcpircbot.pp
index 9a2c593..aec319e 100644
--- a/manifests/role/tcpircbot.pp
+++ b/manifests/role/tcpircbot.pp
@@ -34,8 +34,8 @@
     }
 
     ferm::rule { 'tcpircbot_allowed':
-        # eventlog1001 (v4), tin (v4), mira (v4), puppetmaster1001 (v4), 
localhost (v4), tin (v6), mira (v6), puppetmaster1001 (v6, unnamed in DNS), 
terbium (v4), terbium (v6, unnamed in DNS), wasat (v4), wasat (v6, unnamed in 
DNS), puppetmaster2001 (v4), puppetmaster2001 (v6, unnamed in DNS)
+        # eventlog1001 (v4), tin (v4), mira (v4), puppetmaster1001 (v4), tin 
(v6), mira (v6), puppetmaster1001 (v6, unnamed in DNS), terbium (v4), terbium 
(v6, unnamed in DNS), wasat (v4), wasat (v6, unnamed in DNS), puppetmaster2001 
(v4), puppetmaster2001 (v6, unnamed in DNS)
         # Please DO NOT change the IPs in the rule below without updating the 
comment above
-        rule => 'proto tcp dport 9200 { saddr (10.64.32.167/32 10.64.0.196/32 
10.192.16.132/32 10.64.16.73/32 127.0.0.1 2620:0:861:101:10:64:0:196/128 
2620:0:860:102:10:192:16:132/128 2620:0:861:102:10:64:16:73/128 10.64.32.13/32 
2620:0:861:103:92b1:1cff:fe25:9d72/128 10.192.48.45/32 
2620:0:860:104:1602:ecff:fe3f:478c/128 10.192.0.27/32 
2620:0:860:101:10:192:0:27/128) ACCEPT; }',
+        rule => 'proto tcp dport 9200 { saddr (10.64.32.167/32 10.64.0.196/32 
10.192.16.132/32 10.64.16.73/32 2620:0:861:101:10:64:0:196/128 
2620:0:860:102:10:192:16:132/128 2620:0:861:102:10:64:16:73/128 10.64.32.13/32 
2620:0:861:103:92b1:1cff:fe25:9d72/128 10.192.48.45/32 
2620:0:860:104:1602:ecff:fe3f:478c/128 10.192.0.27/32 
2620:0:860:101:10:192:0:27/128) ACCEPT; }',
     }
 }

-- 
To view, visit https://gerrit.wikimedia.org/r/312456
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ice812d7540c4ce828e1284d9051cafc7e5588b03
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alex Monk <a...@wikimedia.org>
Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: Dzahn <dz...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to