From 748390515c07712204419bcdf3f6298055885eca Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Thu, 12 Mar 2015 15:34:04 +0000 Subject: [PATCH] We need to allow arm01-retrace00 to talk to nfs and postgres on retrace01. --- inventory/group_vars/retrace | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/inventory/group_vars/retrace b/inventory/group_vars/retrace index 439d11ee1f..145ec48aab 100644 --- a/inventory/group_vars/retrace +++ b/inventory/group_vars/retrace @@ -5,5 +5,9 @@ sudoers: "{{ private }}/files/sudo/arm-retrace-sudoers" tcp_ports: [ 80, 443 ] +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.78.11 --dport 2049 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 10.5.78.11 --dport 5432 -j ACCEPT' ] + + nrpe_procs_warn: 900 nrpe_procs_crit: 1000