From 7f46f6f88e2319507afd4dd67294a081f0cce385 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico
Date: Wed, 7 Feb 2018 16:52:55 +0100
Subject: [PATCH] library/roles/iptables/templates/iptables-rules.v4.j2: Firewall rules for prometheus.
---
 iptables/templates/iptables-rules.v4.j2 | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/iptables/templates/iptables-rules.v4.j2 b/iptables/templates/iptables-rules.v4.j2
index 65d6e76..1b67fad 100644
--- a/iptables/templates/iptables-rules.v4.j2
+++ b/iptables/templates/iptables-rules.v4.j2
@@ -186,6 +186,16 @@
 -A INPUT -m pkttype --pkt-type multicast -d {{ orientdb_hazelcast_multicast_group }} -j ACCEPT
 -A INPUT -m state --state NEW -p tcp -m tcp --dport {{ orientdb_hazelcast_multicast_port }} -j ACCEPT
 {% endif %}
+# Prometheus exporters
+{% if prometheus_enabled is defined and prometheus_enabled %}
+{% if prometheus_servers_ip is defined %}
+{% for ip in prometheus_servers_ip %}
+-A INPUT -m state --state NEW -s {{ ip }} -p tcp -m tcp --dport 9100:9300 -j ACCEPT
+{% endfor %}
+{% else %}
+-A INPUT -m state --state NEW -p tcp -m tcp --dport 9100:9300 -j ACCEPT
+{% endif %}
+{% endif %}
 # Ganglia
 {% if ganglia_enabled is defined and ganglia_enabled %}
 {% if ganglia_gmond_cluster_port is defined %}
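Review bot: The `{% else %}` branch of the new Prometheus block fails open: when `prometheus_enabled` is true but `prometheus_servers_ip` is not defined, the rule `-A INPUT -m state --state NEW -p tcp -m tcp --dport 9100:9300 -j ACCEPT` accepts new connections from any source, and exporter endpoints normally serve host metrics without authentication. I would drop the `{% else %}` rule so that a host with no scrape-server list gets no rule at all (or make the render fail), rather than an unrestricted one. The range `9100:9300` is also far wider than exporters need and overlaps unrelated defaults such as Elasticsearch's 9200 and 9300, so on a host running both services this rule would open them as well. Listing only the exporter ports actually deployed, e.g. `-m multiport --dports 9100,<other exporter ports>`, keeps the opening tight.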