we need to allow the builders to talk to the ntp servers to make sure they
have correct time.
diff --git a/manifests/servergroups/build.pp b/manifests/servergroups/build.pp
index 0c222ef..181ce5c 100644
--- a/manifests/servergroups/build.pp
+++ b/manifests/servergroups/build.pp
@@ -18,6 +18,10 @@ class build {
custom => [ '-A OUTPUT -d 127.0.0.0/8 -j ACCEPT',
'-A OUTPUT -d 10.0.0.0/8 -j ACCEPT',
'-A OUTPUT -d 209.132.176.0/24 -j ACCEPT',
+ '-A OUTPUT -m udp -p udp -dport 123 -d 66.187.233.4 -j
ACCEPT',
+ '-A OUTPUT -m udp -p udp -dport 123 -d 192.43.244.18 -j
ACCEPT',
+ '-A OUTPUT -m udp -p udp -dport 123 -d 128.118.25.5 -j
ACCEPT',
+ '-A OUTPUT -m udp -p udp -dport 123 -d 204.152.184.72 -j
ACCEPT',
'-A OUTPUT -m tcp -p tcp -j REJECT',
'-A OUTPUT -m udp -p udp -j REJECT' ]
}
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
