jaguar.m4: Also allow Munin from roadstar and telecaster.

author Mark Wooding <mdw@distorted.org.uk>

Thu, 26 Mar 2015 21:59:22 +0000 (21:59 +0000)

committer Mark Wooding <mdw@distorted.org.uk>

Fri, 27 Mar 2015 00:05:56 +0000 (00:05 +0000)
author Mark Wooding <mdw@distorted.org.uk>
Thu, 26 Mar 2015 21:59:22 +0000 (21:59 +0000)
committer Mark Wooding <mdw@distorted.org.uk>
Fri, 27 Mar 2015 00:05:56 +0000 (00:05 +0000)
diff --git a/jaguar.m4 b/jaguar.m4

index 6400676..0925d00 100644 (file)
--- a/jaguar.m4
+++ b/jaguar.m4
@@ -31,10 +31,15 @@ allowservices inbound tcp \
         ident \
         http https althttp0 althttp1
  
-## Allow Munin queries from HSTG.
-iptables -A inbound -j ACCEPT \
-       -s 217.150.97.26 \
-       -p tcp --dport $port_munin
+## Allow Munin queries from HSTG and the distorted.org.uk mothership.
+clearchain munin
+ip46tables -A inbound -j munin -p tcp --dport $port_munin
+for i in 217.150.97.26 212.13.198.71 62.49.204.147; do
+  iptables -A munin -j ACCEPT -s $i
+done
+for i in 2001:470:1f09:1b98::3 2001:ba8:0:1d9::7; do
+  ip6tables -A munin -j ACCEPT -s $i
+done
  
  ## Other interesting things.
  dnsresolver inbound
author	Mark Wooding <mdw@distorted.org.uk>
	Thu, 26 Mar 2015 21:59:22 +0000 (21:59 +0000)
committer	Mark Wooding <mdw@distorted.org.uk>
	Fri, 27 Mar 2015 00:05:56 +0000 (00:05 +0000)