From 183d692c5c9f931aef2ae3a60d0421bfc08b506c Mon Sep 17 00:00:00 2001
From: Alex Kotov <kotovalexarian@gmail.com>
Date: Mon, 13 Jul 2020 17:18:32 +0500
Subject: [PATCH] Fix iptables for "postgres"

---
 group_vars/postgres.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/group_vars/postgres.yml b/group_vars/postgres.yml
index 374ba54..fff8d77 100644
--- a/group_vars/postgres.yml
+++ b/group_vars/postgres.yml
@@ -9,8 +9,8 @@ common__iptables__v4_filter: |
   -A OUTPUT -p tcp --sport 5432 -d 10.133.8.214/32    -m conntrack --ctstate ESTABLISHED     -j ACCEPT
 
   # Deny other PostgreSQL.
-  -A INPUT  --dport 5432 -j REJECT
-  -A OUTPUT --sport 5432 -j REJECT
+  -A INPUT  -p tcp --dport 5432 -j REJECT
+  -A OUTPUT -p tcp --sport 5432 -j REJECT
 
 common__iptables__v6_filter: |
   # Allow incoming PostgreSQL from specific hosts.
@@ -18,8 +18,8 @@ common__iptables__v6_filter: |
   -A OUTPUT -p tcp --sport 5432 -d 2a03:b0c0:2:f0::142:3001/128 -m conntrack --ctstate ESTABLISHED     -j ACCEPT
 
   # Deny other PostgreSQL.
-  -A INPUT  --dport 5432 -j REJECT
-  -A OUTPUT --sport 5432 -j REJECT
+  -A INPUT  -p tcp --dport 5432 -j REJECT
+  -A OUTPUT -p tcp --sport 5432 -j REJECT
 
 postgresql_backups_dir: '/var/lib/postgresql/backups/12/main'