From bcf7aff6a58c9d9508d2ce01484d12970224c40c Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Thu, 12 Mar 2015 14:03:12 +0000
Subject: [PATCH] Annotate this list so its easier to understand.

---
 inventory/host_vars/db-fas01.phx2.fedoraproject.org | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/inventory/host_vars/db-fas01.phx2.fedoraproject.org b/inventory/host_vars/db-fas01.phx2.fedoraproject.org
index a2edfeb394..2f8556b37d 100644
--- a/inventory/host_vars/db-fas01.phx2.fedoraproject.org
+++ b/inventory/host_vars/db-fas01.phx2.fedoraproject.org
@@ -28,12 +28,19 @@ fas_client_groups: sysadmin-dba,sysadmin-noc
 # Only allow postgresql access from the frontend nodes and hosted.
 #
 custom_rules: [
+    # fas01, fas02, and fas03
     '-A INPUT -p tcp -m tcp -s 10.5.126.25   --dport 5432 -j ACCEPT',
     '-A INPUT -p tcp -m tcp -s 10.5.126.26   --dport 5432 -j ACCEPT',
     '-A INPUT -p tcp -m tcp -s 10.5.126.30   --dport 5432 -j ACCEPT',
+
+    # fedoauth01 and fedoauth02
     '-A INPUT -p tcp -m tcp -s 10.5.126.240  --dport 5432 -j ACCEPT',
     '-A INPUT -p tcp -m tcp -s 10.5.126.241  --dport 5432 -j ACCEPT' ,
+
+    # sundries02...
     '-A INPUT -p tcp -m tcp -s 10.5.126.41   --dport 5432 -j ACCEPT',
+
+    # hosted03 and hosted04 (over the vpn)
     '-A INPUT -p tcp -m tcp -s 192.168.1.16  --dport 5432 -j ACCEPT',
     '-A INPUT -p tcp -m tcp -s 192.168.1.102 --dport 5432 -j ACCEPT',
     ]