From 5195d7f8910f7d1ce0895caa133b028a727f8622 Mon Sep 17 00:00:00 2001
From: Dan Prince <dprince@redhat.com>
Date: Wed, 20 Jul 2016 10:48:23 -0400
Subject: Composable firewall rules

Split out the firewall rules in puppet/hieradata/controller.yaml
into the composable services

Depends-On: Id370362ab57347b75b1ab25afda877885b047263
Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
---
 puppet/services/neutron-dhcp.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'puppet/services/neutron-dhcp.yaml')

diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index 5b903eac..1c57aa45 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -28,5 +28,13 @@ outputs:
         map_merge:
           - get_attr: [NeutronBase, role_data, config_settings]
           - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
+            tripleo.neutron_dhcp.firewall_rules:
+              '115 neutron dhcp input':
+                proto: 'udp'
+                dport: 67
+              '116 neutron dhcp output':
+                proto: 'udp'
+                chain: 'OUTPUT'
+                dport: 68
       step_config: |
         include tripleo::profile::base::neutron::dhcp
-- 
cgit 1.2.3-korg