Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

No more friends.

Browse source
This commit is contained in:
Ralph Bean 2016-03-10 20:21:02 +00:00
parent c31771d0de
commit 4043d326b5
3 changed files with 0 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

6
roles/base/templates/iptables/ip6tables
View file

@ -20,12 +20,6 @@
# allow ssh - always
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
{% if inventory_hostname in groups['proxies'] %}
{% for friend in friends6 %}
-A INPUT --src {{ friend }} -j DROP
{% endfor %}
{% endif %}
# if the host/group defines incoming tcp_ports - allow them
{% if tcp_ports is defined %}
{% for port in tcp_ports %}

6
roles/base/templates/iptables/iptables
View file

@ -24,12 +24,6 @@
-A INPUT -p tcp -m tcp --dport 5666 -s 209.132.181.35 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.41 -j ACCEPT
{% if inventory_hostname in groups['proxies'] %}
{% for friend in friends4 %}
-A INPUT --src {{ friend }} -j DROP
{% endfor %}
{% endif %}
{% if env != 'staging' and datacenter == 'phx2' and inventory_hostname not in groups['staging-friendly'] %}
#
# In the phx2 datacenter, both production and staging hosts are in the same

6
roles/base/templates/iptables/iptables.osuosl
View file

@ -29,12 +29,6 @@
-A INPUT -p tcp -m tcp --dport 5666 -s 209.132.181.35 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.41 -j ACCEPT
{% if inventory_hostname in groups['proxies'] %}
{% for friend in friends4 %}
-A INPUT --src {{ friend }} -j DROP
{% endfor %}
{% endif %}
# if the host/group defines incoming tcp_ports - allow them
{% if tcp_ports is defined %}
{% for port in tcp_ports %}