Mercurial > repos > other > Puppet

changeset 137:4f9bc88a426a puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Firewall Baidu's new Brazillian IP range for being to agressive
author IBBoard <dev@ibboard.co.uk>
date Sat, 17 Dec 2016 12:01:16 +0000
parents 765e72629b3e
children 7c3833d96603
files manifests/templates.pp
diffstat 1 files changed, 10 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/manifests/templates.pp	Fri Nov 11 21:04:13 2016 +0000
+++ b/manifests/templates.pp	Sat Dec 17 12:01:16 2016 +0000
@@ -112,7 +112,16 @@
 		dport => [ 80, 443 ],
 		proto => tcp,
 		action => 'reject',
-	}		
+	}
+	firewall { '099 Blacklist Baidu Brazil':
+		#Baidu got a Brazilian netblock and are hitting us hard
+		#Baidu doesn't honour "crawl-delay" in robots.txt
+		#Baidu gets firewalled
+		source => '131.161.8.0/22',
+		dport => [ 80, 443 ],
+		proto => tcp,
+		action => 'reject',
+	}
 	firewallchain { 'GREATFIREWALLOFCHINA:filter:IPv4':
 		ensure => present,
 	}