WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-24 18:41:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

[storinator] when adding hosts to mount a service make sure the firewall allows it in

Browse Source
This commit is contained in:
Stephen Smoogen
2020-02-18 19:53:28 +00:00
committed by Pierre-Yves Chibon
parent 77e8153b59
commit 37abcba778
1 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
inventory/host_vars/storinator01.fedorainfracloud.org
View File

@@ -27,18 +27,23 @@ udp_ports_eth1: [ 111, 2049 ]
custom_rules: [
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.163 --dport 111 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.179 --dport 111 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.163 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.179 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.163 --dport 20048 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.163 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.179 --dport 111 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.179 --dport 20048 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.163 --dport 111 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.179 --dport 111 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.163 --dport 2049 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.179 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.179 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.48 --dport 111 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.48 --dport 20048 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 209.132.184.48 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 38.145.48.11/27 --dport 111 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 38.145.48.11/27 --dport 2049 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 38.145.48.11/27 --dport 20048 -j ACCEPT',
'-A INPUT -p tcp -m tcp -i eth0 -s 38.145.48.11/27 --dport 2049 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.163 --dport 111 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.163 --dport 2049 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.179 --dport 111 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.179 --dport 2049 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.48 --dport 111 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 209.132.184.48 --dport 2049 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 38.145.48.11/27 --dport 111 -j ACCEPT',
'-A INPUT -p udp -m udp -i eth0 -s 38.145.48.11/27 --dport 2049 -j ACCEPT',
]