From e7b4c32b2a04691f47368b7de447c82f349a0ee7 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Fri, 8 Jan 2016 21:08:29 +0200
Subject: [PATCH] Allow DNS and DHCP from nspawnbr0.

---
 tasks/main.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tasks/main.yml b/tasks/main.yml
index b4ef326..88bfb36 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -32,6 +32,18 @@
     direction: routed
     policy: allow
 
+- name: Allow DHCP, DNS in UFW
+  with_items:
+  - 53
+  - 67
+  - 68
+  ufw:
+    interface: nspawnbr0
+    policy: allow
+    proto: udp
+    rule: allow
+    to_port: '{{ item }}'
+
 - name: Configure systemd-networkd
   with_fileglob:
   - '*.netdev'
-- 
GitLab