From 72f28bac6e06cd0266486db213a2a500d6fea6ed Mon Sep 17 00:00:00 2001
From: Dennis Gilmore <ausil@fedoraproject.org>
Date: Tue, 24 Mar 2015 17:02:13 +0000
Subject: [PATCH] add iptables rules so fasclient and 2 facter auth can work

---
 roles/base/templates/iptables/iptables.kojibuilder | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/base/templates/iptables/iptables.kojibuilder b/roles/base/templates/iptables/iptables.kojibuilder
index 211c406c3c..a8ce5e6106 100644
--- a/roles/base/templates/iptables/iptables.kojibuilder
+++ b/roles/base/templates/iptables/iptables.kojibuilder
@@ -64,6 +64,12 @@
 -A OUTPUT -m tcp -p tcp --dport 9418 -d 66.135.62.191 -j ACCEPT
 -A OUTPUT -m udp -p udp --dport 9418 -d 66.135.62.191 -j ACCEPT
 
+# admin.fedoraproject.org  for fas
+-A OUTPUT -p tcp -m tcp -d admin.fedoraproject.org --dport 80 -j ACCEPT
+-A OUTPUT -p tcp -m tcp -d admin.phx2.fedoraproject.org --dport 443 -j ACCEPT
+# for 2 facter auth
+-A OUTPUT -p tcp -m tcp -d fas-all.phx2.fedoraproject.org --dport 8443 -j ACCEPT
+
 #nfs to vtap-fedora-nfs01.storage.phx2.redhat.com - a little to wide-open - but 
 # kinda necessary
 -A INPUT -m tcp -p tcp -s 10.5.88.36 -j ACCEPT