From cbe0963aa9cf195762ed8af5b611c9908093386b Mon Sep 17 00:00:00 2001
From: Kevin Fenzi
Date: Sat, 27 Apr 2019 18:47:27 +0000
Subject: [PATCH] cloud-noc01: adjust firewall rules: allow communishift network, open port 124 for ntp

Signed-off-by: Kevin Fenzi
---
 inventory/host_vars/cloud-noc01.cloud.fedoraproject.org | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/inventory/host_vars/cloud-noc01.cloud.fedoraproject.org b/inventory/host_vars/cloud-noc01.cloud.fedoraproject.org
index ec75086264..dba20c3fae 100644
--- a/inventory/host_vars/cloud-noc01.cloud.fedoraproject.org
+++ b/inventory/host_vars/cloud-noc01.cloud.fedoraproject.org
@@ -18,11 +18,18 @@ custom_rules: [ '-A INPUT -i br0 -p tcp -m tcp -s 209.132.184.0/24 --dport 67 -
 '-A INPUT -i br0 -p udp -m udp -s 209.132.184.0/24 --dport 67 -j ACCEPT',
 '-A INPUT -i br0 -p udp -m udp -s 209.132.184.0/24 --dport 68 -j ACCEPT',
 '-A INPUT -i br0 -p udp -m udp -s 209.132.184.0/24 --dport 69 -j ACCEPT',
+ '-A INPUT -i br0 -p tcp -m tcp -s 38.145.48.0/23 --dport 67 -j ACCEPT',
+ '-A INPUT -i br0 -p tcp -m tcp -s 38.145.48.0/23 --dport 68 -j ACCEPT',
+ '-A INPUT -i br0 -p tcp -m tcp -s 38.145.48.0/23 --dport 69 -j ACCEPT',
+ '-A INPUT -i br0 -p udp -m udp -s 38.145.48.0/23 --dport 67 -j ACCEPT',
+ '-A INPUT -i br0 -p udp -m udp -s 38.145.48.0/23 --dport 68 -j ACCEPT',
+ '-A INPUT -i br0 -p udp -m udp -s 38.145.48.0/23 --dport 69 -j ACCEPT',
 '-A INPUT -i br1 -p tcp -m tcp -s 172.23.0.0/23 --dport 67 -j ACCEPT',
 '-A INPUT -i br1 -p tcp -m tcp -s 172.23.0.0/23 --dport 68 -j ACCEPT',
 '-A INPUT -i br1 -p tcp -m tcp -s 172.23.0.0/23 --dport 69 -j ACCEPT',
 '-A INPUT -i br1 -p udp -m udp -s 172.23.0.0/23 --dport 67 -j ACCEPT',
 '-A INPUT -i br1 -p udp -m udp -s 172.23.0.0/23 --dport 68 -j ACCEPT',
 '-A INPUT -i br1 -p udp -m udp -s 172.23.0.0/23 --dport 69 -j ACCEPT',
- '-A INPUT -i br0 -p udp -m udp -s 209.132.184.0/24 --dport 123 -j ACCEPT' ]
+ '-A INPUT -i br0 -p udp -m udp -s 209.132.184.0/24 --dport 124 -j ACCEPT' ]
+ '-A INPUT -i br0 -p udp -m udp -s 38.145.48.0/24 --dport 124 -j ACCEPT' ]
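Review bot: The two added lines at the end of the hunk both end in `' ]`, so the `custom_rules` list (which opens above the hunk) is closed after the 209.132.184.0/24 rule and the 38.145.48.0/24 rule is left outside it with no separating comma; the first should end `-j ACCEPT',` and only the last should keep the `]`. Both lines use `--dport 124`, but NTP is served on UDP 123, so as written the existing 209.132.184.0/24 clients lose their NTP accept rule and the new network never gets one; `--dport 123` looks like what was intended. The NTP rule also uses `38.145.48.0/24` where the six rules added above it use `38.145.48.0/23`, which is presumably the same network and worth confirming. The added `-p tcp` accepts for ports 67-69 copy the existing pattern, but DHCP and TFTP are UDP services, so those three TCP rules open ports that nothing should need.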