summaryrefslogtreecommitdiffstats
path: root/files/osbs
diff options
context:
space:
mode:
authorAdam Miller <admiller@redhat.com>2016-11-08 23:38:25 +0000
committerAdam Miller <admiller@redhat.com>2016-11-08 23:38:25 +0000
commit059337652b381bc5ff2ee1b8c9855036900014c0 (patch)
treeef8dea1804f32b9c50a391d2bbe679ac769a3913 /files/osbs
parent7f01af8a88225f18d2d784ce45dbcab7d84580c2 (diff)
downloadansible-059337652b381bc5ff2ee1b8c9855036900014c0.tar.gz
ansible-059337652b381bc5ff2ee1b8c9855036900014c0.tar.xz
ansible-059337652b381bc5ff2ee1b8c9855036900014c0.zip
apply fixes from Patrick for OSBS node dnsmasq and proxy iptables
Signed-off-by: Adam Miller <admiller@redhat.com>
Diffstat (limited to 'files/osbs')
-rw-r--r--files/osbs/fedora-dnsmasq.conf.staging2
-rw-r--r--files/osbs/fix-docker-iptables.staging4
2 files changed, 6 insertions, 0 deletions
diff --git a/files/osbs/fedora-dnsmasq.conf.staging b/files/osbs/fedora-dnsmasq.conf.staging
new file mode 100644
index 000000000..bf361767e
--- /dev/null
+++ b/files/osbs/fedora-dnsmasq.conf.staging
@@ -0,0 +1,2 @@
+server=/fedoraproject.org/10.5.126.21
+server=/fedoraproject.org/10.5.126.22
diff --git a/files/osbs/fix-docker-iptables.staging b/files/osbs/fix-docker-iptables.staging
index 72fa7d15d..99dc7ca71 100644
--- a/files/osbs/fix-docker-iptables.staging
+++ b/files/osbs/fix-docker-iptables.staging
@@ -67,5 +67,9 @@ iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.97 --dport 443 -j ACCEPT
iptables -A FILTER_FORWARD -p udp -m udp -d 8.8.8.8 --dport 53 -j ACCEPT
iptables -A FILTER_FORWARD -p udp -m udp -d 8.8.4.4 --dport 53 -j ACCEPT
+# proxy
+iptables -A FILTER_FORWARD -p tcp --dst 10.5.126.88 --dport 443 -j ACCEPT
+
+
iptables -A FILTER_FORWARD -j REJECT --reject-with icmp-host-prohibited