From b435f615dacf1c4ec25a21c21e259888fe778a07 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi
Date: Wed, 26 Jun 2019 18:36:21 +0000
Subject: [PATCH] unbound / iptables: allow new cloud network to also do queries.

Signed-off-by: Kevin Fenzi
---
 inventory/group_vars/unbound | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/inventory/group_vars/unbound b/inventory/group_vars/unbound
index 03fa96c7bb..3bac42cf1d 100644
--- a/inventory/group_vars/unbound
+++ b/inventory/group_vars/unbound
@@ -6,6 +6,8 @@ num_cpus: 2
 tcp_ports: [ 80, 443 ]
 custom_rules: [ '-A INPUT -p tcp -m tcp -s 209.132.184.0/24 --dport 53 -j ACCEPT', '-A INPUT -p udp -m udp -s 209.132.184.0/24 --dport 53 -j ACCEPT',
+ '-A INPUT -p udp -m udp -s 38.145.48.0/23 --dport 53 -j ACCEPT',
+ '-A INPUT -p tcp -m tcp -s 38.145.48.0/23 --dport 53 -j ACCEPT',
 '-A INPUT -p tcp -m tcp -s 209.132.181.0/24 --dport 53 -j ACCEPT', '-A INPUT -p udp -m udp -s 209.132.181.0/24 --dport 53 -j ACCEPT' ]
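Review bot: The added `38.145.48.0/23` entries in `custom_rules` carry no comment naming the network, and the range is twice the size of the existing /24 sources, so it is worth confirming that the whole /23 (38.145.48.0–38.145.49.255) is address space the project controls before the resolver answers it over UDP. A comment above `custom_rules` such as `# 38.145.48.0/23: new cloud network, allowed to send DNS queries` would record the intent. The hunk only changes the packet filter; if the unbound configuration (not visible here) also restricts clients with `access-control`, that list presumably needs the same range, or queries will pass iptables and still be refused. The new pair is also listed udp-then-tcp while the surrounding pairs are tcp-then-udp; matching the order would keep the list easy to scan.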