Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

iptables / kojibuilder: add some more ports needed by ipa-clients

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2021-03-29 15:20:00 -07:00
parent 801f96c950
commit fc2db16120
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
roles/base/templates/iptables/iptables.kojibuilder
View file

@ -80,6 +80,13 @@
-A OUTPUT -p tcp -m tcp -d 10.3.163.77 --dport 443 -j ACCEPT
# ipa client ports
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.54 --dport 389 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.55 --dport 389 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.3.163.104 --dport 389 -j ACCEPT
@ -98,6 +105,9 @@
-A OUTPUT -p udp -m udp -d 10.3.163.54 --dport 464 -j ACCEPT
-A OUTPUT -p udp -m udp -d 10.3.163.55 --dport 464 -j ACCEPT
-A OUTPUT -p udp -m udp -d 10.3.163.104 --dport 464 -j ACCEPT
-A OUTPUT -p udp -m udp -d 10.3.163.54 --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp -d 10.3.163.55 --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp -d 10.3.163.104 --dport 53 -j ACCEPT
#nfs to vtap-fedora-nfs01.storage.phx2.redhat.com - a little to wide-open - but
# kinda necessary