From 84d8226c5d1bc51832dd0650956ee820be99394e Mon Sep 17 00:00:00 2001
From: Sergio Oliveira <sergio@tracy.com.br>
Date: Mon, 4 May 2015 18:32:38 -0300
Subject: [PATCH] Allow SMTP connections to email host

---
 cookbooks/firewall/templates/host-email/iptables-filter.erb | 6 ++++++
 1 file changed, 6 insertions(+), 0 deletions(-)
 create mode 100644 cookbooks/firewall/templates/host-email/iptables-filter.erb

diff --git a/cookbooks/firewall/templates/host-email/iptables-filter.erb b/cookbooks/firewall/templates/host-email/iptables-filter.erb
new file mode 100644
index 0000000..5c607c9
--- /dev/null
+++ b/cookbooks/firewall/templates/host-email/iptables-filter.erb
@@ -0,0 +1,6 @@
+
+# Allow access to Postfix
+-A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW --dport 25 -j ACCEPT
+-A INPUT -s <%= node['peers']['social'] %> -p tcp -m state --state NEW --dport 25 -j ACCEPT
+-A INPUT -s <%= node['peers']['database'] %> -p tcp -m state --state NEW --dport 25 -j ACCEPT
+-A INPUT -s <%= node['peers']['reverseproxy'] %> -p tcp -m state --state NEW --dport 25 -j ACCEPT
--
libgit2 0.21.2