Compilation results for alert1002.wikimedia.org: None system changes detected

You can retrieve this result from host.json.

Catalog differences

Summary

Total Resources:	9555
Resources added:	17
Resources removed:	0
Resources modified:	17
Change percentage:	0.36%

Resources only in the new catalog

Nftables::Service[ssh-from-bastion]
Nftables::Service[alertmanager-prometheus-frack]
Nftables::Service[full-monitoring-metrics-access-udp]
Nftables::Service[rsyncd_access_icinga-lib]
Nftables::Service[rsyncd_access_icinga-tmpfs]
Nftables::Service[tcpircbot_allowed]
Nftables::Service[alertmanager-cluster]
Nftables::Service[icinga-nsca]
Nftables::Service[full-monitoring-metrics-access-tcp]
Nftables::Service[icinga-https]
Nftables::Service[rsyncd_access_icinga-cache]
Nftables::Service[alertmanager-prometheus]
Nftables::Service[rsyncd_access_vopsbot-sync-db]
Nftables::Service[ssh-from-cumin-masters]
Nftables::Service[tcpircbot_cloud_allowed]
Nftables::Service[icinga-http]
Nftables::Service[alertmanager-irc]

Resources modified

Nftables::Service[full-monitoring-metrics-access-tcp]

Parameters differences:

--- Nftables::Service[full-monitoring-metrics-access-tcp].orig
+++ Nftables::Service[full-monitoring-metrics-access-tcp]

+    notrack             => False
+    desc                => 
+    src_ips             => ['10.64.0.82', '10.64.16.62', '10.64.32.85', '10.64.48.171', '208.80.153.42', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:101:10:64:0:82', '2620:0:861:102:10:64:16:62', '2620:0:861:103:10:64:32:85', '2620:0:861:107:10:64:48:171', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    port_range          => [1, 65535]
+    ensure              => present

Nftables::Service[ssh-from-bastion]

Parameters differences:

--- Nftables::Service[ssh-from-bastion].orig
+++ Nftables::Service[ssh-from-bastion]

+    notrack             => False
+    port                => 22
+    desc                => 
+    src_ips             => ['103.102.166.103', '185.15.58.6', '185.15.59.99', '195.200.68.99', '198.35.26.104', '2001:df2:e500:3:103:102:166:103', '208.80.153.110', '208.80.154.7', '2620:0:860:4:208:80:153:110', '2620:0:861:1:208:80:154:7', '2620:0:863:3:198:35:26:104', '2a02:ec80:300:3:185:15:59:99', '2a02:ec80:600:1:185:15:58:6', '2a02:ec80:700:3:195:200:68:99']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[ssh-from-cumin-masters]

Parameters differences:

--- Nftables::Service[ssh-from-cumin-masters].orig
+++ Nftables::Service[ssh-from-cumin-masters]

+    notrack             => False
+    port                => 22
+    desc                => 
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['CUMIN_MASTERS']

Nftables::Service[alertmanager-cluster]

Parameters differences:

--- Nftables::Service[alertmanager-cluster].orig
+++ Nftables::Service[alertmanager-cluster]

+    notrack             => False
+    port                => 9094
+    desc                => 
+    src_ips             => ['208.80.153.42', '208.80.154.78', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[icinga-https]

Parameters differences:

--- Nftables::Service[icinga-https].orig
+++ Nftables::Service[icinga-https]

+    proto               => tcp
+    notrack             => False
+    unrestricted_access => False
+    port                => 443
+    prio                => 10
+    desc                => 
+    ensure              => present

Nftables::Service[tcpircbot_cloud_allowed]

Parameters differences:

--- Nftables::Service[tcpircbot_cloud_allowed].orig
+++ Nftables::Service[tcpircbot_cloud_allowed]

+    notrack             => False
+    port                => 9201
+    desc                => 
+    src_ips             => ['10.192.32.140', '10.64.48.148', '2620:0:860:103:10:192:32:140', '2620:0:861:107:10:64:48:148']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[alertmanager-prometheus-frack]

Parameters differences:

--- Nftables::Service[alertmanager-prometheus-frack].orig
+++ Nftables::Service[alertmanager-prometheus-frack]

+    notrack             => False
+    port                => 9093
+    desc                => 
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['FRACK_NETWORKS']

Nftables::Service[rsyncd_access_icinga-tmpfs]

Parameters differences:

--- Nftables::Service[rsyncd_access_icinga-tmpfs].orig
+++ Nftables::Service[rsyncd_access_icinga-tmpfs]

+    notrack             => False
+    port                => [873, 1873]
+    desc                => 
+    src_ips             => ['208.80.153.42', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[tcpircbot_allowed]

Parameters differences:

--- Nftables::Service[tcpircbot_allowed].orig
+++ Nftables::Service[tcpircbot_allowed]

+    notrack             => False
+    port                => 9200
+    desc                => 
+    src_ips             => ['10.192.0.19', '10.192.32.10', '10.192.32.49', '10.192.32.7', '10.192.43.9', '10.64.0.23', '10.64.16.154', '10.64.16.19', '10.64.16.93', '10.64.32.39', '103.102.166.10', '103.102.166.8', '185.15.58.37', '185.15.58.5', '185.15.59.2', '185.15.59.34', '195.200.68.37', '195.200.68.4', '198.35.26.34', '198.35.26.7', '2001:df2:e500:1:103:102:166:10', '2001:df2:e500:1:103:102:166:8', '208.80.153.107', '208.80.153.48', '208.80.153.74', '208.80.154.153', '208.80.154.6', '208.80.154.77', '2620:0:860:101:10:192:0:19', '2620:0:860:103:10:192:32:10', '2620:0:860:103:10:192:32:49', '2620:0:860:103:10:192:32:7', '2620:0:860:122:10:192:43:9', '2620:0:860:2:208:80:153:48', '2620:0:860:3:208:80:153:74', '2620:0:860:4:208:80:153:107', '2620:0:861:101:10:64:0:23', '2620:0:861:102:10:64:16:154', '2620:0:861:102:10:64:16:19', '2620:0:861:102:10:64:16:93', '2620:0:861:103:10:64:32:39', '2620:0:861:1:208:80:154:6', '2620:0:861:2:208:80:154:153', '2620:0:861:3:208:80:154:77', '2620:0:863:1:198:35:26:7', '2620:0:863:2:198:35:26:34', '2a02:ec80:300:1:185:15:59:2', '2a02:ec80:300:2:185:15:59:34', '2a02:ec80:600:1:185:15:58:5', '2a02:ec80:600:2:185:15:58:37', '2a02:ec80:700:1:195:200:68:4', '2a02:ec80:700:2:195:200:68:37']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[full-monitoring-metrics-access-udp]

Parameters differences:

--- Nftables::Service[full-monitoring-metrics-access-udp].orig
+++ Nftables::Service[full-monitoring-metrics-access-udp]

+    notrack             => False
+    desc                => 
+    src_ips             => ['10.64.0.82', '10.64.16.62', '10.64.32.85', '10.64.48.171', '208.80.153.42', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:101:10:64:0:82', '2620:0:861:102:10:64:16:62', '2620:0:861:103:10:64:32:85', '2620:0:861:107:10:64:48:171', '2620:0:861:3:208:80:154:78']
+    proto               => udp
+    unrestricted_access => False
+    prio                => 10
+    port_range          => [1, 65535]
+    ensure              => present

Nftables::Service[icinga-nsca]

Parameters differences:

--- Nftables::Service[icinga-nsca].orig
+++ Nftables::Service[icinga-nsca]

+    notrack             => False
+    port                => 5667
+    desc                => 
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['DOMAIN_NETWORKS', 'FRACK_NETWORKS']

Nftables::Service[rsyncd_access_vopsbot-sync-db]

Parameters differences:

--- Nftables::Service[rsyncd_access_vopsbot-sync-db].orig
+++ Nftables::Service[rsyncd_access_vopsbot-sync-db]

+    notrack             => False
+    port                => [873, 1873]
+    desc                => 
+    src_ips             => ['208.80.153.42', '2620:0:860:2:208:80:153:42']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[alertmanager-irc]

Parameters differences:

--- Nftables::Service[alertmanager-irc].orig
+++ Nftables::Service[alertmanager-irc]

+    notrack             => False
+    port                => 19190
+    desc                => 
+    src_ips             => ['208.80.153.42', '208.80.154.78', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[rsyncd_access_icinga-cache]

Parameters differences:

--- Nftables::Service[rsyncd_access_icinga-cache].orig
+++ Nftables::Service[rsyncd_access_icinga-cache]

+    notrack             => False
+    port                => [873, 1873]
+    desc                => 
+    src_ips             => ['208.80.153.42', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[alertmanager-prometheus]

Parameters differences:

--- Nftables::Service[alertmanager-prometheus].orig
+++ Nftables::Service[alertmanager-prometheus]

+    notrack             => False
+    port                => 9093
+    desc                => 
+    src_ips             => ['10.128.2.3', '10.132.2.5', '10.136.1.24', '10.140.2.5', '10.192.0.160', '10.192.16.75', '10.192.32.160', '10.192.32.67', '10.192.39.10', '10.192.48.215', '10.192.9.11', '10.64.0.119', '10.64.0.82', '10.64.134.21', '10.64.16.62', '10.64.32.85', '10.64.48.167', '10.64.48.171', '10.80.2.5', '2001:df2:e500:103:10:132:2:5', '2620:0:860:101:10:192:0:160', '2620:0:860:102:10:192:16:75', '2620:0:860:103:10:192:32:160', '2620:0:860:103:10:192:32:67', '2620:0:860:104:10:192:48:215', '2620:0:860:10a:10:192:9:11', '2620:0:860:11e:10:192:39:10', '2620:0:861:101:10:64:0:119', '2620:0:861:101:10:64:0:82', '2620:0:861:102:10:64:16:62', '2620:0:861:103:10:64:32:85', '2620:0:861:107:10:64:48:167', '2620:0:861:107:10:64:48:171', '2620:0:861:10d:10:64:134:21', '2620:0:863:103:10:128:2:3', '2a02:ec80:300:103:10:80:2:5', '2a02:ec80:600:102:10:136:1:24', '2a02:ec80:700:103:10:140:2:5']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[rsyncd_access_icinga-lib]

Parameters differences:

--- Nftables::Service[rsyncd_access_icinga-lib].orig
+++ Nftables::Service[rsyncd_access_icinga-lib]

+    notrack             => False
+    port                => [873, 1873]
+    desc                => 
+    src_ips             => ['208.80.153.42', '208.80.154.78', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[icinga-http]

Parameters differences:

--- Nftables::Service[icinga-http].orig
+++ Nftables::Service[icinga-http]

+    proto               => tcp
+    notrack             => False
+    unrestricted_access => False
+    port                => 80
+    prio                => 10
+    desc                => 
+    ensure              => present

Compilation results for alert1002.wikimedia.org: None system changes detected

Catalog differences

Summary

Resources only in the new catalog

Resources modified

Relevant files