fbb-www - korrektur ADSL

diff --git a/customer/fbb-www/production.yaml b/customer/fbb-www/production.yaml
index a4f15c45b1819ab49434ce73e5f219e8a1907af7..2700a8e9236a65f4af11d5a1ba9c24f77fab35c1 100644 (file)
--- a/customer/fbb-www/production.yaml
+++ b/customer/fbb-www/production.yaml
@@ -663,35 +663,39 @@ infra::profile::apache::pp_vhosts:
     setenvif:
       - 'HTTPS on X-Forwarded-Proto=https'
       - 'HTTPS on HTTPS=on'
+      #ADSL
       # 82.145.10.128/29
-      - 'Client-IP "82\.145\.10\.(129|130|131|132|133|134)" AdslZugriffErlaubt'
+      - 'Remote_Addr "82\.145\.10\.(129|130|131|132|133|134)" AdslZugriffErlaubt'
       # 82.145.10.136/29
-      - 'Client-IP "82\.145\.10\.(137|138|139|140|141|142)" AdslZugriffErlaubt'
+      - 'Remote_Addr "82\.145\.10\.(137|138|139|140|141|142)" AdslZugriffErlaubt'
       # 194.174.73.0/24
-      - 'Client-IP "194\.174\.73\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "194\.174\.73\.\d+" AdslZugriffErlaubt'
       # 194.174.78.0/24
-      - 'Client-IP "194\.174\.78\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "194\.174\.78\.\d+" AdslZugriffErlaubt'
       # Provider Versatel
-      - 'Client-IP "62\.220\.27\.106" AdslZugriffErlaubt'
+      - 'Remote_Addr "62\.220\.27\.106" AdslZugriffErlaubt'
       # 172.18.49.24 und  172.18.39.22
-      - 'Client-IP "172\.18\.[3-4]9\.2(2|4)" AdslZugriffErlaubt'
+      - 'Remote_Addr "172\.18\.[3-4]9\.2(2|4)" AdslZugriffErlaubt'
       # 82.144.58.192/26
-      - 'Client-IP "82\.144\.58\.(19[3-9]|2\d\d)" AdslZugriffErlaubt'
-      - 'Client-IP "89\.247\.134\.34" AdslZugriffErlaubt'
-      - 'Client-IP "89\.247\.134\.67" AdslZugriffErlaubt'
+      - 'Remote_Addr "82\.144\.58\.(19[3-9]|2\d\d)" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.247\.134\.34" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.247\.134\.67" AdslZugriffErlaubt'
       # Nat pool FBB - 172.17.85.0/24
-      - 'Client-IP "172\.17\.85\.d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "172\.17\.85\.d+" AdslZugriffErlaubt'
       # Provider Vodafone
-      - 'Client-IP "89\.27\.163\.1(37|38|39|40|41|42)" AdslZugriffErlaubt'
-      - 'Client-IP "217\.66\.51\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "89\.27\.163\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "89\.27\.134\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "89\.27\.67\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "194\.174\.73\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "194\.174\.80\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "194\.174\.76\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "178\.8\.96\.\d+" AdslZugriffErlaubt'
-      - 'Client-IP "89\.\d+\.\d+\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.27\.163\.1(37|38|39|40|41|42)" AdslZugriffErlaubt'
+      - 'Remote_Addr "217\.66\.51\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.27\.163\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.27\.134\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.27\.67\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "194\.174\.80\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "194\.174\.76\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "178\.8\.96\.\d+" AdslZugriffErlaubt'
+      - 'Remote_Addr "89\.\d+\.\d+\.\d+" AdslZugriffErlaubt'
+      # From Location
+      - 'Remote_Addr "172\.18\.39\.22" AdslZugriffErlaubt'
+      - 'Remote_Addr "172\.18\.49\.24" AdslZugriffErlaubt'
+      - 'Remote_Addr "10\.99\.1\.10" AdslZugriffErlaubt'
     headers:
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
@@ -823,8 +827,6 @@ infra::profile::apache::pp_vhosts:
       - provider: location
         path: /de/global/ADSL-info
         require:
-          - ip 172.18.39.22 172.18.49.24 194.174.73 194.174.78 217.66.51 10.99.1.10
-          - ip 89.27.163.36/29 89.27.134.34/24 89.27.134.67/24 194.174.73.0/24 194.174.80.0/24 194.174.76.0/24
           - env AdslZugriffErlaubt
     aliases:
       - { alias: /starsberlin , path: /var/data/flugdat/starsBerlin/ }