From 2bdc793c8cc99893db658aeb1321b74ca96a7110 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Tue, 30 Apr 2024 13:04:45 +0200
Subject: [PATCH] Allow Ceph traffic to lake2

---
 m/lake2/configuration.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/m/lake2/configuration.nix b/m/lake2/configuration.nix
index 934f6f7..8e19a12 100644
--- a/m/lake2/configuration.nix
+++ b/m/lake2/configuration.nix
@@ -51,6 +51,8 @@
         iptables -A nixos-fw -p tcp -s bay -j nixos-fw-accept
         # Accept monitoring requests from hut
         iptables -A nixos-fw -p tcp -s hut --dport 9002 -j nixos-fw-accept
+        # Accept all Ceph traffic from the local network
+        iptables -A nixos-fw -p tcp -s 10.0.40.0/24 -m multiport --dport 3300,6789,6800:7568 -j nixos-fw-accept
       '';
     };
   };