base / iptables / kojibuilder: add ipa ports for koji builder ipa clients
Note that this will not yet work, it needs the RHIT firewall between vlans opened on these ports first, but after that this is needed to allow them to use those ports. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi
parent
ddf53bdbdf
commit
6bf8552e7f
1 changed files with 19 additions and 5 deletions
|
|
@ -78,12 +78,26 @@
|
|||
-A OUTPUT -p tcp -m tcp -d 10.3.163.76 --dport 443 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.77 --dport 80 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.77 --dport 443 -j ACCEPT
|
||||
# for 2 facter auth (fas-all)
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.74 --dport 8443 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.75 --dport 8443 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.76 --dport 8443 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.77 --dport 8443 -j ACCEPT
|
||||
|
||||
# ipa client ports
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 389 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 389 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 389 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 636 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 636 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 636 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 88 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 88 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 88 -j ACCEPT
|
||||
-A OUTPUT -p udp -m udp -d 10.3.163.54 --dport 88 -j ACCEPT
|
||||
-A OUTPUT -p udp -m udp -d 10.3.163.55 --dport 88 -j ACCEPT
|
||||
-A OUTPUT -p udp -m udp -d 10.3.163.104 --dport 88 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 464 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 464 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 464 -j ACCEPT
|
||||
-A OUTPUT -p udp -m udp -d 10.3.163.54 --dport 464 -j ACCEPT
|
||||
-A OUTPUT -p udp -m udp -d 10.3.163.55 --dport 464 -j ACCEPT
|
||||
-A OUTPUT -p udp -m udp -d 10.3.163.104 --dport 464 -j ACCEPT
|
||||
|
||||
#nfs to vtap-fedora-nfs01.storage.phx2.redhat.com - a little to wide-open - but
|
||||
# kinda necessary
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue