From 821e783702686f533fc39fd9c374ee7136c73ac0 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Sat, 8 Feb 2025 17:25:34 +0000 Subject: [PATCH] Update DNA gw IP's --- group_vars/ns.yml | 2 +- roles/pf/files/pf.conf.gw_home | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/ns.yml b/group_vars/ns.yml index 5a6101f..2a284b1 100644 --- a/group_vars/ns.yml +++ b/group_vars/ns.yml @@ -1,6 +1,6 @@ --- firewall_in: - - {proto: tcp, port: 22, from: [172.20.20.0/22, 212.149.248.65/32]} + - {proto: tcp, port: 22, from: [172.20.20.0/22, 212.149.225.204/32]} - {proto: tcp, port: 53} - {proto: udp, port: 53} - {proto: tcp, port: 80} diff --git a/roles/pf/files/pf.conf.gw_home b/roles/pf/files/pf.conf.gw_home index 981f783..3f211fb 100644 --- a/roles/pf/files/pf.conf.gw_home +++ b/roles/pf/files/pf.conf.gw_home @@ -43,7 +43,7 @@ antispoof for vio1 pass in quick on $int_if proto tcp from $int_net to self port ssh pass in quick on $ext_if proto tcp from 37.35.86.64/29 to self port ssh pass in quick on $ext_if proto tcp from 37.16.96.144/28 to self port ssh -pass in quick on $ext_if proto tcp from 212.149.228.253/32 to self port ssh +pass in quick on $ext_if proto tcp from 212.149.225.198/32 to self port ssh # node_exporter and unbound_exporter from internal network pass in quick on $int_if proto tcp from $int_net to self port 9100