daily autocommit

diff --git a/.etckeeper b/.etckeeper
index 3c95a48e6b3a92a2854e25454fa5c5e957476f6b..21346958286584fb0762d4b8b4203246c9ec0c8c 100755 (executable)
--- a/.etckeeper
+++ b/.etckeeper
@@ -26,6 +26,9 @@ mkdir -p './initramfs-tools/scripts/nfs-top'
 mkdir -p './initramfs-tools/scripts/panic'
 mkdir -p './insserv/overrides'
 mkdir -p './kernel/install.d'
+mkdir -p './letsencrypt/renewal-hooks/deploy'
+mkdir -p './letsencrypt/renewal-hooks/post'
+mkdir -p './letsencrypt/renewal-hooks/pre'
 mkdir -p './logwatch/scripts/services'
 mkdir -p './modprobe.d'
 mkdir -p './network/if-pre-up.d'
@@ -996,6 +999,10 @@ maybe chmod 0700 'letsencrypt/live'
 maybe chmod 0755 'letsencrypt/live/ns2.uhu-banane.de'
 maybe chmod 0644 'letsencrypt/options-ssl-apache.conf'
 maybe chmod 0755 'letsencrypt/renewal'
+maybe chmod 0755 'letsencrypt/renewal-hooks'
+maybe chmod 0755 'letsencrypt/renewal-hooks/deploy'
+maybe chmod 0755 'letsencrypt/renewal-hooks/post'
+maybe chmod 0755 'letsencrypt/renewal-hooks/pre'
 maybe chmod 0644 'letsencrypt/renewal/ns2.uhu-banane.de.conf'
 maybe chmod 0644 'lftp.conf'
 maybe chmod 0644 'libaudit.conf'

diff --git a/iptables/rules.v4 b/iptables/rules.v4
index 6f44166a7cebe408ea18504e0693b31e24dcc21b..b59ecbbfb2d04a30791e4c89ee8252030203b5be 100644 (file)
--- a/iptables/rules.v4
+++ b/iptables/rules.v4
@@ -1,8 +1,8 @@
-# Generated by iptables-save v1.6.0 on Sat Aug 25 13:29:03 2018
+# Generated by iptables-save v1.6.0 on Tue Jan 29 22:32:39 2019
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [51:11900]
+:OUTPUT ACCEPT [228:52798]
 :f2b-apache - [0:0]
 :f2b-apache-modsecurity - [0:0]
 :f2b-apache-nohome - [0:0]
@@ -38,19 +38,29 @@
 -A INPUT -j REJECT --reject-with icmp-port-unreachable
 -A f2b-apache -j RETURN
 -A f2b-apache -j RETURN
+-A f2b-apache -j RETURN
+-A f2b-apache-modsecurity -j RETURN
 -A f2b-apache-modsecurity -j RETURN
 -A f2b-apache-modsecurity -j RETURN
 -A f2b-apache-nohome -j RETURN
 -A f2b-apache-nohome -j RETURN
+-A f2b-apache-nohome -j RETURN
+-A f2b-apache-noscript -j RETURN
 -A f2b-apache-noscript -j RETURN
 -A f2b-apache-noscript -j RETURN
 -A f2b-apache-overflows -j RETURN
 -A f2b-apache-overflows -j RETURN
+-A f2b-apache-overflows -j RETURN
+-A f2b-postfix -j RETURN
 -A f2b-postfix -j RETURN
 -A f2b-postfix -j RETURN
+-A f2b-ssh -s 80.152.170.99/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 112.85.42.88/32 -j REJECT --reject-with icmp-port-unreachable
 -A f2b-ssh -s 58.218.198.142/32 -j REJECT --reject-with icmp-port-unreachable
 -A f2b-ssh -j RETURN
 -A f2b-ssh -j RETURN
+-A f2b-ssh -j RETURN
+-A f2b-sshd -j RETURN
 -A f2b-sshd -j RETURN
 -A f2b-sshd -j RETURN
 -A icinga2 -s 185.102.95.107/32 -j ACCEPT
@@ -71,4 +81,4 @@
 -A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable
 -A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable
 COMMIT
-# Completed on Sat Aug 25 13:29:03 2018
+# Completed on Tue Jan 29 22:32:39 2019

diff --git a/iptables/rules.v6 b/iptables/rules.v6
index 7088745602079149fa03f43969786d231efcaa50..6e6516671086ef1fe5ce1d143aeec843f483faf0 100644 (file)
--- a/iptables/rules.v6
+++ b/iptables/rules.v6
@@ -1,7 +1,7 @@
-# Generated by ip6tables-save v1.6.0 on Sat Aug 25 13:29:03 2018
+# Generated by ip6tables-save v1.6.0 on Tue Jan 29 22:32:39 2019
 *filter
 :INPUT ACCEPT [1:49]
 :FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [9:517]
+:OUTPUT ACCEPT [17:1073]
 COMMIT
-# Completed on Sat Aug 25 13:29:03 2018
+# Completed on Tue Jan 29 22:32:39 2019