From ed8c8221ca7a990b3c6fc54b7a3a7d7c60ef3121 Mon Sep 17 00:00:00 2001
From: Patrik Holmqvist <pahol@sunet.se>
Date: Wed, 2 Apr 2025 14:25:17 +0200
Subject: [PATCH] Lock down syslog port for log-test, SC-2522

---
 global/overlay/etc/puppet/cosmos-rules.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index 9b19c6e8..5e50e724 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -1364,6 +1364,17 @@ log-test-sto3-1.komreg.net:
    eid::log:
    sunet::rsyslog:
       udp_port: 514
+      udp_client:
+         - 89.45.236.201/32      # connector-test-sto3-1.komreg.net
+         - 2001:6b0:40::199/128  # connector-test-sto3-1.komreg.net
+         - 89.45.237.40/32       # connector-test-sto3-2.komreg.net
+         - 2001:6b0:40::14f/128  # connector-test-sto3-2.komreg.net
+         - 89.45.237.212/32      # connector-test-sto3-3.komreg.net
+         - 2001:6b0:40::140/128  # connector-test-sto3-3.komreg.net
+         - 89.45.236.56/32       # proxy-test-sto3-1.komreg.net
+         - 2001:6b0:40::36a/128  # proxy-test-sto3-1.komreg.net
+         - 89.45.237.141/32      # proxy-test-sto3-2.komreg.net
+         - 2001:6b0:40::20c/128  # proxy-test-sto3-2.komreg.net
    eid::telegraf2:
       server_type: 'log'