From f78a50e1b3e90e16ad5243e425b58f72aced26d5 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 26 Oct 2025 15:31:02 +0100 Subject: [PATCH 1/2] add source - https://gitlab.confdroid.com/internal/confdroid_management/-/issues/284 --- manifests/firewall/iptables.pp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp index 91f61e4..ad5c395 100644 --- a/manifests/firewall/iptables.pp +++ b/manifests/firewall/iptables.pp @@ -19,9 +19,10 @@ class puppet_cd::firewall::iptables ( } if $pt_use_r10k_webhook == true { firewall { "3${pt_r10k_webhook_port} open port ${pt_r10k_webhook_port}": - proto => 'tcp', - dport => $pt_r10k_webhook_port, - jump => 'accept', + proto => 'tcp', + source => '10.0.1.0/24', + dport => $pt_r10k_webhook_port, + jump => 'accept', } } } From 52506068a2f4c007aa9b3b158c549cabb05a8647 Mon Sep 17 00:00:00 2001 From: Jenkins Server Date: Sun, 26 Oct 2025 15:32:42 +0100 Subject: [PATCH 2/2] Recommit for updates in build 63 --- .../puppet_cd_3A_3Afirewall_3A_3Aiptables.html | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html index 73b9054..bdaacbf 100644 --- a/doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html +++ b/doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html @@ -146,7 +146,8 @@ 48 49 50 -51 +51 +52 
# File 'manifests/firewall/iptables.pp', line 6
@@ -167,9 +168,10 @@ class puppet_cd::firewall::iptables (
     }
     if $pt_use_r10k_webhook == true {
       firewall { "3${pt_r10k_webhook_port} open port ${pt_r10k_webhook_port}":
-        proto => 'tcp',
-        dport => $pt_r10k_webhook_port,
-        jump  => 'accept',
+        proto  => 'tcp',
+        source => '10.0.1.0/24',
+        dport  => $pt_r10k_webhook_port,
+        jump   => 'accept',
       }
     }
   }