From 80697f766e4b468b369b3c01f47b8ab916e41473 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Wed, 14 Jan 2015 22:44:27 +0000
Subject: [PATCH] Add some keepalived iptables rules.

---
 inventory/group_vars/koji | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/inventory/group_vars/koji b/inventory/group_vars/koji
index bf83dcc71c..aadc15d88d 100644
--- a/inventory/group_vars/koji
+++ b/inventory/group_vars/koji
@@ -12,6 +12,9 @@ tcp_ports: [ 80, 443, 111, 2049,
 
 udp_ports: [ 111, 2049 ]
 
+# Needed for keepalived
+custom_rules: [ '-A INPUT -d 224.0.0.0/8 -j ACCEPT', '-A INPUT INPUT -p vrrp -j ACCEPT' ]
+
 fas_client_groups: sysadmin-releng
 
 # These are consumed by a task in roles/fedmsg/base/main.yml