---
nft_input_host_rules:
  400 allow kerberos:
    - udp dport { 88, 749, 111, 464 } ct state new accept
    - tcp dport { 88, 749, 111, 464 } ct state new accept

  401 allow ldap:
    - udp dport { 389, 636 } ct state new accept
    - tcp dport { 389, 636 } ct state new accept

# Nmap scan report for ldap.pantheon.lab.mpgn.dev (10.80.50.104)
# Host is up (0.00013s latency).
# Not shown: 993 closed tcp ports (reset)
# PORT    STATE SERVICE
# 22/tcp  open  ssh
# 88/tcp  open  kerberos-sec
# 111/tcp open  rpcbind
# 389/tcp open  ldap
# 464/tcp open  kpasswd5
# 636/tcp open  ldapssl
# 749/tcp open  kerberos-adm
# MAC Address: BC:24:11:D5:84:08 (Unknown)