From 4d3747d58d1d11b2497268b9be7359085e43c4d0 Mon Sep 17 00:00:00 2001
From: don sizemore <don.sizemore@gmail.com>
Date: Wed, 9 Mar 2016 14:56:16 -0500
Subject: [PATCH] #8 allow irods.icat.db_port to icat

---
 ansible/roles/iptables/templates/iptables.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ansible/roles/iptables/templates/iptables.j2 b/ansible/roles/iptables/templates/iptables.j2
index 228857dd7..4f1ba17d5 100644
--- a/ansible/roles/iptables/templates/iptables.j2
+++ b/ansible/roles/iptables/templates/iptables.j2
@@ -108,6 +108,7 @@
 -A INPUT -m state --state NEW -m tcp -p tcp -s {{ net.trust }} --dport {{ irods.port }} -j ACCEPT
 -A INPUT -m state --state NEW -m tcp -p tcp -s {{ net.trust }} --dport {{ irods.portrange }} -j ACCEPT
 -A INPUT -m state --state NEW -m udp -p udp -s {{ net.trust }} --dport {{ irods.portrange }} -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp -s {{ net.dmz }} --dport {{ irods.icat.db_port }} -J ACCEPT
 {% endif %}
 
 {% if inventory_hostname in groups['jex'] %}