Adding iptables rules for Mezuro machine

Signed-off-by: Diego Araújo <diegoamc90@gmail.com>

Adding iptables rules for Mezuro machine
Signed-off-by: Diego Araújo <diegoamc90@gmail.com>
Paulo Tada · Rafael Manzo
1 parent 93b20fa7
Showing 3 changed files with 3 additions and 0 deletions Show diff stats
cookbooks/firewall/templates/host-database/iptables-filter.erb
cookbooks/firewall/templates/host-mezuro/iptables-filter.erb
cookbooks/firewall/templates/host-mezuro/iptables-nat.erb
@@ -2,6 +2,7 @@
 # Allow access to PostgreSQL
 -A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW --dport 5432 -j ACCEPT
 -A INPUT -s <%= node['peers']['social'] %> -p tcp -m state --state NEW --dport 5432 -j ACCEPT
+-A INPUT -s <%= node['peers']['mezuro'] %> -p tcp -m state --state NEW --dport 5432 -j ACCEPT
  
 # Allow access to Redis
 -A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW --dport 6379 -j ACCEPT
@@ -0,0 +1,2 @@
+# Allow mezuro connect to HTTP
+-A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW -m multiport --dports 8082 -j ACCEPT
...	...	@@ -2,6 +2,7 @@
2	2	# Allow access to PostgreSQL
3	3	-A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW --dport 5432 -j ACCEPT
4	4	-A INPUT -s <%= node['peers']['social'] %> -p tcp -m state --state NEW --dport 5432 -j ACCEPT
	5	+-A INPUT -s <%= node['peers']['mezuro'] %> -p tcp -m state --state NEW --dport 5432 -j ACCEPT
5	6
6	7	# Allow access to Redis
7	8	-A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW --dport 6379 -j ACCEPT
...	...
...	...	@@ -0,0 +1,2 @@
	1	+# Allow mezuro connect to HTTP
	2	+-A INPUT -s <%= node['peers']['integration'] %> -p tcp -m state --state NEW -m multiport --dports 8082 -j ACCEPT
...	...