From 1135514bd4d8eb86cf5a32c856be36641a63c362 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Mon, 8 Jun 2020 13:26:41 -0700
Subject: [PATCH] osuosl: add mm-backend external ip for ssh on osuosl proxies
 so we can sync mm data.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/base/templates/iptables/iptables.osuosl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/base/templates/iptables/iptables.osuosl b/roles/base/templates/iptables/iptables.osuosl
index b5e23fbcea..4ecc5551d2 100644
--- a/roles/base/templates/iptables/iptables.osuosl
+++ b/roles/base/templates/iptables/iptables.osuosl
@@ -28,6 +28,8 @@
 -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -s 209.132.181.0/24 -j ACCEPT
 # external ip for iad2/batcave01
 -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -s 38.145.60.16 -j ACCEPT
+# external ip for iad2/mm-backend to sync mm data
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -s 38.145.60.3 -j ACCEPT
 
 # for nrpe - allow it from nocs
 -A INPUT -p tcp -m tcp --dport 5666 -s 192.168.1.10 -j ACCEPT