From d16ec626e1f95c0cc4d8b8b536019046f4c6f613 Mon Sep 17 00:00:00 2001
From: staticsafe
Date: Fri, 4 Oct 2019 09:42:15 -0400
Subject: [PATCH] add OUTPUT rules to allow DHCP on restricted nodes
---
 .../files/catsith.asininetech.net.rules.v4 | 1 +
 .../files/deirdre.asininetech.net.rules.v4 | 1 +
 2 files changed, 2 insertions(+)
diff --git a/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v4 b/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v4
index e143ae6..6531910 100644
--- a/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v4
+++ b/ubuntu/roles/firewall-ruleset-deploy/files/catsith.asininetech.net.rules.v4
@@ -21,4 +21,5 @@
 -A OUTPUT -p tcp -m tcp --dport 587 -j ACCEPT
 -A OUTPUT -p tcp -m tcp --dport 5665 -j ACCEPT
 -A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
+-A OUTPUT -p udp -m udp --dports 67,68 -j ACCEPT
 COMMIT
diff --git a/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4 b/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4
index e9f43c3..c38c941 100644
--- a/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4
+++ b/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4
@@ -24,5 +24,6 @@
 -A OUTPUT -p tcp -m tcp --dport 587 -j ACCEPT
 -A OUTPUT -p tcp -m tcp --dport 5665 -j ACCEPT
 -A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
+-A OUTPUT -p udp -m udp --dports 67,68 -j ACCEPT
 COMMIT
 # Completed on Thu Aug 22 02:25:12 2019
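Review bot: The added rule `-A OUTPUT -p udp -m udp --dports 67,68 -j ACCEPT` uses `--dports` with a comma list, which belongs to the multiport match. With only `-m udp` loaded, iptables-restore will most likely reject the line and the whole ruleset with it, so check that each file loads with `iptables-restore --test` before deploying. The identical line is added in the deirdre.asininetech.net.rules.v4 hunk. A DHCP client only sends from port 68 to port 67, so `-A OUTPUT -p udp -m udp --sport 68 --dport 67 -j ACCEPT` would cover the need without opening outbound UDP/68 to every destination on these restricted nodes. The rest of the OUTPUT chain and its policy lie outside both hunks, so the ordering relative to any final drop rule could not be checked.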