From: Frank Brehm <frank@brehm-online.com>
Date: Thu, 8 Apr 2021 17:28:22 +0000 (+0200)
Subject: saving uncommitted changes in /etc prior to apt run
X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=41192fdf1c0a92bad6eff68c15c891f76f123250;p=config%2Fns3%2Fetc.git

saving uncommitted changes in /etc prior to apt run
---

diff --git a/.etckeeper b/.etckeeper
index 8edd588..2f6b20b 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -1593,6 +1593,7 @@ maybe chmod 0644 'salt/pki/master/master.pub'
 maybe chmod 0755 'salt/pki/master/minions'
 maybe chmod 0644 'salt/pki/master/minions/be.nexunus.net'
 maybe chmod 0644 'salt/pki/master/minions/doc.nexunus.net'
+maybe chmod 0644 'salt/pki/master/minions/helga.uhu-banane.de'
 maybe chmod 0644 'salt/pki/master/minions/lena.home.brehm-online.com'
 maybe chmod 0644 'salt/pki/master/minions/liz.nexunus.net'
 maybe chmod 0644 'salt/pki/master/minions/mx.nexunus.net'
diff --git a/apt/sources.list.d/salt.list b/apt/sources.list.d/salt.list
index d299a18..2623898 100644
--- a/apt/sources.list.d/salt.list
+++ b/apt/sources.list.d/salt.list
@@ -1 +1,2 @@
 #deb	http://repo.saltstack.com/apt/debian/9/amd64/latest	stretch main
+deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg] https://repo.saltproject.io/py3/debian/10/amd64/latest buster main
diff --git a/iptables/rules.v4 b/iptables/rules.v4
index 61c95cb..35eca9b 100644
--- a/iptables/rules.v4
+++ b/iptables/rules.v4
@@ -1,11 +1,15 @@
-# Generated by xtables-save v1.8.2 on Wed Jan  6 23:04:54 2021
+# Generated by xtables-save v1.8.2 on Thu Apr  8 19:25:18 2021
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [79:14108]
+:OUTPUT ACCEPT [3894502:15435226157]
 :icinga2 - [0:0]
 :rejects - [0:0]
 :salt-master - [0:0]
+:f2b-ssh - [0:0]
+:f2b-apache-noscript - [0:0]
+-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-noscript
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh
 -A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
 -A INPUT -s 222.184.0.0/13 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
 -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
@@ -49,7 +53,16 @@
 -A salt-master -s 138.201.28.184/32 -j ACCEPT
 -A salt-master -s 185.48.118.130/32 -j ACCEPT
 -A salt-master -s 91.64.140.221/32 -j ACCEPT
+-A salt-master -s 188.34.187.246/32 -j ACCEPT
 -A salt-master -j NFLOG --nflog-prefix  "IPv4 Salt Reject " --nflog-threshold 1
 -A salt-master -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 107.175.33.240/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 221.131.165.23/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 128.199.99.204/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 49.88.112.115/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 42.192.249.157/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 212.129.248.183/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -j RETURN
+-A f2b-apache-noscript -j RETURN
 COMMIT
-# Completed on Wed Jan  6 23:04:54 2021
+# Completed on Thu Apr  8 19:25:18 2021
diff --git a/iptables/rules.v6 b/iptables/rules.v6
index 8c3cafb..8bfb66c 100644
--- a/iptables/rules.v6
+++ b/iptables/rules.v6
@@ -1,8 +1,8 @@
-# Generated by xtables-save v1.8.2 on Wed Jan  6 23:04:54 2021
+# Generated by xtables-save v1.8.2 on Thu Apr  8 19:25:18 2021
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [7925469:622635830]
 :salt-master - [0:0]
 -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
 -A INPUT -m conntrack --ctstate RELATED -j ACCEPT
@@ -29,4 +29,4 @@
 -A salt-master -j NFLOG --nflog-prefix  "IPv6 Salt Reject " --nflog-threshold 1
 -A salt-master -j REJECT --reject-with icmp6-port-unreachable
 COMMIT
-# Completed on Wed Jan  6 23:04:54 2021
+# Completed on Thu Apr  8 19:25:18 2021
diff --git a/salt/pki/master/minions/helga.uhu-banane.de b/salt/pki/master/minions/helga.uhu-banane.de
new file mode 100644
index 0000000..74aa32b
--- /dev/null
+++ b/salt/pki/master/minions/helga.uhu-banane.de
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfChobzZkyL/nk4QfhUh
+X8eBEgqJf4/op8jj2+5/sL7oklW1/PkJsvUgVvYIBuGY8NSh0G74OfqkKEVdwWUE
+go8kDyy9PFrGvhw6qcPVIxtBR0E6bdJQdM+4uiR8+shqWIKtuZSGdfqyumFISUuA
+HnVrv+9mhEl4WaGer79G5Y2GKpR3+65Dx2jQTKrWilo1t8s+oM1cldAQQ23xNK/S
+6BkB73lfIPdZtX7xLSp42PNjq8naL3Ky/HlCXrF3052jxk2PMAgkDqINgzJ/gTIk
++5SSeibf48kUCp1Alg2eNFdVcrhhjFVmzR3T7P++1PCe87pL80Y910ZeucqL5KLI
+ZwIDAQAB
+-----END PUBLIC KEY-----
\ No newline at end of file