From 80ce4224d52b62aec584bea0a6f588d157ad1e0e Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Wed, 27 Sep 2017 13:21:15 +0000
Subject: [PATCH] iptables changes for odcs, for new gluster.

---
 inventory/group_vars/odcs-backend      |  7 +++++--
 inventory/group_vars/odcs-backend-stg  |  7 +++++--
 inventory/group_vars/odcs-frontend     | 10 +++++++---
 inventory/group_vars/odcs-frontend-stg | 10 +++++++---
 4 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/inventory/group_vars/odcs-backend b/inventory/group_vars/odcs-backend
index 04a206081b..7c1bc8bba1 100644
--- a/inventory/group_vars/odcs-backend
+++ b/inventory/group_vars/odcs-backend
@@ -9,9 +9,12 @@ freezes: false
 tcp_ports: [
     3000, 3001, 3002, 3003,
     3004, 3005, 3006, 3007,
-    # This port is required by gluster
-    6996,
+    # These ports all required for gluster
+    111, 24007, 24008, 24009, 24010, 24011,
+    49152, 49153, 49154, 49155,
 ]
+# Also for gluster.
+udp_ports: [ 111 ]
 
 # These people get told when something goes wrong.
 fedmsg_error_recipients:
diff --git a/inventory/group_vars/odcs-backend-stg b/inventory/group_vars/odcs-backend-stg
index 3f6900c287..e48a95c2db 100644
--- a/inventory/group_vars/odcs-backend-stg
+++ b/inventory/group_vars/odcs-backend-stg
@@ -9,9 +9,12 @@ freezes: false
 tcp_ports: [
     3000, 3001, 3002, 3003,
     3004, 3005, 3006, 3007,
-    # This port is required by gluster
-    6996,
+    # These ports all required for gluster
+    111, 24007, 24008, 24009, 24010, 24011,
+    49152, 49153, 49154, 49155,
 ]
+# Also for gluster.
+udp_ports: [ 111 ]
 
 # These people get told when something goes wrong.
 fedmsg_error_recipients:
diff --git a/inventory/group_vars/odcs-frontend b/inventory/group_vars/odcs-frontend
index 13bbf2f609..11ec8b98ee 100644
--- a/inventory/group_vars/odcs-frontend
+++ b/inventory/group_vars/odcs-frontend
@@ -14,10 +14,14 @@ wsgi_fedmsg_service: odcs
 wsgi_procs: 2
 wsgi_threads: 2
 
-tcp_ports: [ 80,
-    # This port is required by gluster
-    6996,
+tcp_ports: [
+    80,
+    # These ports all required for gluster
+    111, 24007, 24008, 24009, 24010, 24011,
+    49152, 49153, 49154, 49155,
 ]
+# Also for gluster.
+udp_ports: [ 111 ]
 
 # Neeed for rsync from log01 for logs.
 custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
diff --git a/inventory/group_vars/odcs-frontend-stg b/inventory/group_vars/odcs-frontend-stg
index f2fffeea56..79b1af0556 100644
--- a/inventory/group_vars/odcs-frontend-stg
+++ b/inventory/group_vars/odcs-frontend-stg
@@ -14,10 +14,14 @@ wsgi_fedmsg_service: odcs
 wsgi_procs: 2
 wsgi_threads: 2
 
-tcp_ports: [ 80,
-    # This port is required by gluster
-    6996,
+tcp_ports: [
+    80,
+    # These ports all required for gluster
+    111, 24007, 24008, 24009, 24010, 24011,
+    49152, 49153, 49154, 49155,
 ]
+# Also for gluster.
+udp_ports: [ 111 ]
 
 # Neeed for rsync from log01 for logs.
 custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]