Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Allow mmfrontend-checkin to connect to VPN

Browse source 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk 2018-01-13 13:59:46 +00:00
parent 9ac07ad1b4
commit c18ea6b658
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
roles/base/templates/iptables/iptables.mm-frontend-checkin01.phx2.fedoraproject.org
View file

@ -46,6 +46,10 @@
-A OUTPUT --dst 10.5.126.51 -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT --dst 10.5.126.52 -p tcp -m tcp --dport 443 -j ACCEPT
# Allow VPN access
-A OUTPUT --dst 10.5.126.11 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT --dst 10.5.126.12 -p udp -m udp --dport 1194 -j ACCEPT
# otherwise kick everything out
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited