From 824eb9f92f8ed8b4de65d3a32b2d3f0cee24925b Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Thu, 14 May 2015 23:38:46 +0200
Subject: Allow outgoing HKP and WHOIS traffic on the LDAP provider.

---
 roles/common/templates/etc/iptables/services.j2 | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'roles')

diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2
index 1ff8778..25a20f7 100644
--- a/roles/common/templates/etc/iptables/services.j2
+++ b/roles/common/templates/etc/iptables/services.j2
@@ -59,3 +59,8 @@ out    tcp      993                                     # IMAP
 out    tcp      4190
 {% endif %}
 {% endif %}
+
+{% if 'LDAP-provider' in group_names %}
+out     tcp     11371                                   # HKP
+out     tcp     43                                      # WHOIS
+{% endif %}
-- 
cgit v1.2.3