From 5cedf628c853b7352e8926086f3e240fd8ba3226 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Sat, 5 Apr 2025 19:53:39 +0000
Subject: [PATCH] Fix firewall rules on nms hosts for VRRP

---
 group_vars/nms.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/group_vars/nms.yml b/group_vars/nms.yml
index 1f2f050..cf78647 100644
--- a/group_vars/nms.yml
+++ b/group_vars/nms.yml
@@ -34,8 +34,7 @@ firewall_in:
   - {proto: tcp, port: 9100, from: [172.20.20.0/22]}
   - {proto: tcp, port: 9116, from: [172.20.20.0/22]}
 firewall_raw:
-  - "-A INPUT -i eth1 -d 224.0.0.0/8 -j ACCEPT"
-  - "-A INPUT -i eth1 -p vrrp -j ACCEPT"
+  - "ip daddr 224.0.0.0/8 accept"
 
 sssd_allow_groups:
   - sysadm