![[staff profile]](https://www.dreamwidth.org/img/silk/identity/user_staff.png){kind=small}
![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dw-ops] update some puppet stuff
[commit: http://hg.dwscoalition.org/dw-ops/rev/1aab523a90b7]
update some puppet stuff
Files modified:
update some puppet stuff
Files modified:
- nagios/conf.d/config/contacts.cfg
- puppet/manifests/site.pp
- puppet/modules/iptables/templates/dreamwidth.erb
- puppet/modules/iptables/templates/spamhaus-drop.erb
--------------------------------------------------------------------------------
diff -r 969c631efb1a -r 1aab523a90b7 nagios/conf.d/config/contacts.cfg
--- a/nagios/conf.d/config/contacts.cfg Fri Jul 29 00:08:09 2011 +0000
+++ b/nagios/conf.d/config/contacts.cfg Thu Dec 22 02:12:31 2011 +0000
@@ -27,9 +27,10 @@
host_notification_period always
service_notification_options w,u,c,r
host_notification_options d,r
- service_notification_commands notify-service-by-email
- host_notification_commands notify-host-by-email
- email 5103786969@txt.att.net
+ service_notification_commands notify-service-by-email,dw_notify_service_epager
+ host_notification_commands notify-host-by-email,dw_notify_host_epager
+ email mark@qq.is
+ pager 5107543245@txt.att.net
}
define contact {
diff -r 969c631efb1a -r 1aab523a90b7 puppet/manifests/site.pp
--- a/puppet/manifests/site.pp Fri Jul 29 00:08:09 2011 +0000
+++ b/puppet/manifests/site.pp Thu Dec 22 02:12:31 2011 +0000
@@ -68,6 +68,7 @@
node sb-web03 { include serverclass::webserver }
node sb-search01 { include serverclass::webserver }
node sb-admin01 { include serverclass::admin }
+node sb-db01 { include serverclass::webserver }
# A special case exists for the node that will run the Puppet master service.
# This node can be specified as following:
diff -r 969c631efb1a -r 1aab523a90b7 puppet/modules/iptables/templates/dreamwidth.erb
--- a/puppet/modules/iptables/templates/dreamwidth.erb Fri Jul 29 00:08:09 2011 +0000
+++ b/puppet/modules/iptables/templates/dreamwidth.erb Thu Dec 22 02:12:31 2011 +0000
@@ -12,15 +12,16 @@
-A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
# Accept inbound private traffic from one of our servers
--A INPUT -s 172.20.6.170 -j ACCEPT
--A INPUT -s 172.20.6.173 -j ACCEPT
--A INPUT -s 172.20.6.174 -j ACCEPT
+-A INPUT -s 172.20.6.161 -j ACCEPT
-A INPUT -s 172.20.6.166 -j ACCEPT
-A INPUT -s 172.20.6.167 -j ACCEPT
-A INPUT -s 172.20.6.168 -j ACCEPT
+-A INPUT -s 172.20.6.169 -j ACCEPT
+-A INPUT -s 172.20.6.170 -j ACCEPT
+-A INPUT -s 172.20.6.171 -j ACCEPT
-A INPUT -s 172.20.6.172 -j ACCEPT
--A INPUT -s 172.20.6.171 -j ACCEPT
--A INPUT -s 172.20.6.169 -j ACCEPT
+-A INPUT -s 172.20.6.173 -j ACCEPT
+-A INPUT -s 172.20.6.174 -j ACCEPT
-A INPUT -s 172.20.6.175 -j ACCEPT
-A INPUT -s 172.20.6.176 -j ACCEPT
@@ -33,6 +34,12 @@
-A OUTPUT -d <%= dropnet.chomp %> -j DROP
<% end -%>
+# TEMP RULE FOR 400 BAD REQUEST SPAMMER
+-A INPUT -s 46.73.220.3/32 -j DROP
+-A OUTPUT -d 46.73.220.3/32 -j DROP
+-A INPUT -s 80.223.173.181/32 -j DROP
+-A OUTPUT -d 80.223.173.181/32 -j DROP
+
# Per-host connection limit on port 80
-A INPUT -p tcp --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 32 -j DROP
diff -r 969c631efb1a -r 1aab523a90b7 puppet/modules/iptables/templates/spamhaus-drop.erb
--- a/puppet/modules/iptables/templates/spamhaus-drop.erb Fri Jul 29 00:08:09 2011 +0000
+++ b/puppet/modules/iptables/templates/spamhaus-drop.erb Thu Dec 22 02:12:31 2011 +0000
@@ -1,10 +1,11 @@
+103.10.188.0/22
109.196.140.0/24
109.94.212.0/22
110.232.160.0/20
110.44.128.0/20
113.20.160.0/19
+114.112.224.0/19
116.199.128.0/19
-116.68.136.0/21
121.46.64.0/18
122.202.96.0/19
128.168.0.0/16
@@ -14,26 +15,26 @@
130.222.0.0/16
132.145.0.0/16
132.232.0.0/16
-132.240.0.0/16
134.127.0.0/16
134.172.0.0/16
+134.175.0.0/19
134.209.0.0/16
134.23.0.0/16
134.33.0.0/16
136.228.0.0/16
138.43.0.0/16
139.167.0.0/16
-14.1.96.0/19
-14.102.160.0/19
140.170.0.0/16
+141.136.17.0/24
+141.136.22.0/24
+141.136.27.0/24
143.135.0.0/16
143.49.0.0/16
-143.95.0.0/16
+146.185.245.0/24
148.105.0.0/16
148.178.0.0/16
148.248.0.0/16
150.141.0.0/16
-150.230.0.0/16
151.123.0.0/16
152.147.0.0/16
155.190.0.0/16
@@ -44,29 +45,17 @@
167.224.0.0/19
167.28.0.0/16
167.97.0.0/16
-168.151.0.0/16
-169.131.128.0/17
170.106.0.0/16
170.120.0.0/16
170.197.0.0/16
170.67.0.0/16
170.75.0.0/16
-173.225.112.0/20
174.138.144.0/20
178.218.128.0/20
-188.130.250.0/23
188.170.192.0/21
188.212.0.0/20
-188.229.13.0/24
-188.229.35.0/24
-188.229.88.0/23
-188.229.90.0/23
-188.229.92.0/24
-188.229.93.0/24
-188.229.94.0/24
-188.229.97.0/24
-192.100.5.0/24
-192.101.177.0/24
+188.247.135.0/24
+188.247.232.0/24
192.101.200.0/21
192.101.240.0/21
192.101.248.0/23
@@ -93,20 +82,18 @@
192.86.85.0/24
193.104.110.0/24
193.104.12.0/24
-193.104.146.0/24
193.104.176.0/24
-193.104.224.0/22
-193.104.253.0/24
193.104.34.0/24
193.104.41.0/24
193.104.94.0/24
193.105.121.0/24
193.105.132.0/24
193.105.141.0/24
-193.105.174.0/24
+193.105.154.0/24
193.105.184.0/24
193.105.207.0/24
193.105.245.0/24
+193.106.172.0/22
193.106.32.0/22
193.110.136.0/24
193.111.235.0/24
@@ -118,13 +105,14 @@
193.178.172.0/24
193.186.9.0/24
193.201.192.0/23
-193.227.240.0/23
193.228.145.0/24
193.23.126.0/24
193.238.0.0/22
+193.243.166.0/24
193.27.232.0/23
193.27.246.0/23
193.41.38.0/24
+193.42.149.0/24
193.43.134.0/24
193.46.211.0/24
194.0.221.0/24
@@ -135,16 +123,16 @@
194.126.193.0/24
194.126.251.0/24
194.140.229.0/24
-194.143.130.0/23
194.146.204.0/22
194.165.4.0/23
+194.242.2.0/23
+194.247.48.0/24
194.247.58.0/24
194.28.112.0/22
194.28.44.0/22
194.54.156.0/22
194.60.205.0/24
194.63.144.0/22
-194.8.250.0/23
194.8.74.0/23
195.114.8.0/23
195.14.112.0/23
@@ -157,27 +145,22 @@
195.225.176.0/22
195.226.197.0/24
195.226.220.0/24
-195.234.159.0/24
195.238.242.0/24
195.28.10.0/23
195.5.161.0/24
195.54.170.0/23
195.74.88.0/23
195.78.108.0/23
-195.80.148.0/22
195.85.204.0/24
-195.88.144.0/23
195.88.190.0/23
195.88.226.0/23
195.93.184.0/23
195.93.208.0/23
195.95.151.0/24
195.95.155.0/24
-196.1.176.0/20
196.32.216.0/21
198.12.32.0/19
198.13.0.0/20
-198.143.128.0/19
198.151.152.0/22
198.162.208.0/20
198.181.64.0/19
@@ -188,7 +171,6 @@
198.204.0.0/21
198.205.64.0/19
198.23.32.0/20
-198.252.64.0/18
198.45.32.0/20
198.57.64.0/20
198.96.224.0/20
@@ -216,16 +198,16 @@
199.84.64.0/19
199.88.32.0/20
199.88.48.0/22
+2.56.0.0/14
200.106.128.0/20
200.115.112.0/20
200.125.168.0/21
200.22.0.0/16
200.3.128.0/20
200.50.192.0/19
-200.63.40.0/21
+201.7.208.0/20
201.71.0.0/20
-202.59.236.0/24
-202.61.127.0/24
+202.61.108.0/24
203.31.88.0/23
203.34.70.0/23
203.34.71.0/24
@@ -246,17 +228,21 @@
204.225.159.0/24
204.225.210.0/24
204.236.0.0/19
-204.28.104.0/21
+204.44.192.0/20
204.48.64.0/19
204.52.255.0/24
-204.63.144.0/21
+204.57.16.0/20
204.89.224.0/24
+205.137.0.0/20
205.142.104.0/22
205.144.0.0/20
+205.144.176.0/20
205.145.192.0/19
205.159.180.0/24
205.172.244.0/22
205.175.160.0/19
+205.189.71.0/24
+205.189.72.0/23
205.203.224.0/19
205.214.128.0/19
205.235.64.0/20
@@ -278,6 +264,7 @@
208.85.32.0/21
208.90.0.0/21
209.145.0.0/19
+209.148.64.0/19
209.182.64.0/19
209.198.176.0/20
209.205.192.0/19
@@ -290,80 +277,67 @@
213.247.0.0/19
216.151.192.0/20
216.212.192.0/19
-216.245.64.0/18
+31.11.43.0/24
31.222.200.0/21
41.221.112.0/20
-46.161.28.0/23
46.161.29.0/24
-46.252.128.0/23
-46.252.130.0/23
-46.252.132.0/23
-46.51.100.0/24
-46.51.101.0/24
-46.51.102.0/23
-58.83.12.0/22
58.83.8.0/22
62.122.32.0/21
62.122.72.0/23
-62.18.252.0/24
62.182.152.0/21
-62.19.0.0/18
-62.19.248.0/21
-62.19.249.0/24
-62.19.250.0/24
-62.19.64.0/22
64.112.0.0/17
64.112.128.0/18
64.15.0.0/20
-64.250.96.0/20
-64.28.176.0/20
+64.21.192.0/20
+64.21.212.0/22
+64.21.216.0/21
64.44.0.0/16
66.231.64.0/20
-67.210.0.0/20
67.211.208.0/20
67.213.128.0/20
67.218.208.0/20
+69.6.80.0/24
72.13.16.0/20
72.2.176.0/20
72.50.192.0/19
78.155.220.0/23
78.31.184.0/21
-79.110.144.0/20
79.110.16.0/20
79.110.160.0/20
79.110.176.0/20
79.110.48.0/20
79.174.0.0/19
81.22.152.0/23
+84.22.96.0/19
+85.120.94.0/23
85.121.39.0/24
85.202.160.0/20
85.202.192.0/20
85.255.112.0/20
-86.55.140.0/24
-86.55.210.0/23
-86.55.243.0/24
88.135.64.0/20
88.214.211.0/24
89.114.9.0/24
89.114.97.0/24
+89.136.223.0/24
89.45.14.0/24
91.193.192.0/22
+91.193.72.0/22
91.194.0.0/23
+91.195.10.0/23
+91.196.216.0/22
91.196.232.0/22
-91.197.96.0/22
91.198.109.0/24
91.198.125.0/24
91.198.127.0/24
-91.198.217.0/24
91.199.112.0/24
91.199.123.0/24
91.199.157.0/24
+91.199.230.0/24
91.200.164.0/22
91.200.188.0/22
91.200.240.0/22
91.200.248.0/22
91.201.124.0/22
-91.201.196.0/22
91.201.212.0/22
91.201.236.0/22
91.201.4.0/22
@@ -382,13 +356,12 @@
91.209.238.0/24
91.209.48.0/24
91.209.58.0/24
+91.209.63.0/24
91.210.172.0/22
91.211.64.0/22
91.211.88.0/22
91.212.107.0/24
91.212.123.0/24
-91.212.127.0/24
-91.212.132.0/24
91.212.135.0/24
91.212.163.0/24
91.212.198.0/24
@@ -400,6 +373,7 @@
91.213.121.0/24
91.213.157.0/24
91.213.174.0/24
+91.213.175.0/24
91.213.217.0/24
91.213.29.0/24
91.213.72.0/24
@@ -410,16 +384,18 @@
91.216.122.0/24
91.216.141.0/24
91.216.190.0/24
-91.216.232.0/24
91.216.3.0/24
91.216.73.0/24
91.217.153.0/24
91.217.162.0/24
91.217.249.0/24
-91.220.110.0/24
+91.220.0.0/24
91.220.62.0/24
91.220.90.0/24
-91.223.201.0/24
+91.221.98.0/23
+91.226.78.0/24
+91.228.132.0/24
+91.229.90.0/23
93.120.32.0/19
93.168.18.0/23
93.168.20.0/23
@@ -427,8 +403,6 @@
93.168.24.0/23
93.174.164.0/24
93.175.240.0/20
-93.188.160.0/21
-93.188.162.0/23
94.126.176.0/21
94.130.0.0/15
94.154.128.0/18
@@ -436,10 +410,10 @@
94.232.248.0/21
94.60.121.0/24
94.60.122.0/23
+94.61.247.0/24
94.63.146.0/24
94.63.149.0/24
94.63.150.0/23
-94.63.240.0/24
94.63.241.0/24
94.63.243.0/24
94.63.244.0/23
@@ -453,10 +427,4 @@
95.64.37.0/24
95.64.38.0/24
95.64.39.0/24
-95.64.44.0/24
-95.64.45.0/24
-95.64.55.0/24
-95.64.59.0/24
-95.64.61.0/24
-95.64.9.0/24
95.64.98.0/23
--------------------------------------------------------------------------------