Saltstack Official FirewallD Formula

init.sls 1.2KB

  # == State: firewalld
  #
  # Installs and runs firewalld when the firewalld:enabled pillar key is
  # truthy; otherwise stops firewalld and takes it out of boot.
  #
  # NOTE(review): a missing, empty or false pillar value takes the else
  # branch at the bottom of this file, so a pillar mistake turns the
  # firewall off instead of leaving it untouched. Set the key explicitly
  # for every targeted minion and treat an unexpected run of
  # service_firewalld_dead as something to investigate.
  #
  {% from "firewalld/map.jinja" import firewalld with context %}
  {% if salt['pillar.get']('firewalld:enabled') %}

  include:
    - firewalld.config
    - firewalld.ipsets
    - firewalld.services
    - firewalld.zones
    - firewalld.direct

  # Legacy iptables services that come with rhel/centos.
  # service.disabled only takes the unit out of boot; it does not stop an
  # instance that is already running on the minion.
  iptables:
    service.disabled:
      - enable: false

  ip6tables:
    service.disabled:
      - enable: false

  package_firewalld:
    pkg.installed:
      - name: {{ firewalld.package }}

  service_firewalld_running:
    service.running:
      - name: {{ firewalld.service }}
      # start on boot
      - enable: true
      - require:
          - pkg: package_firewalld
          # config_firewalld is not defined in this file; presumably it
          # comes from the included firewalld.config state - confirm
          - file: config_firewalld
          # the legacy services are handled (boot-disabled) first
          - service: iptables
          - service: ip6tables

  # module.wait does nothing by itself: service.restart is called only
  # when another state triggers this one through a watch-type requisite.
  # No such requisite is declared in this file; presumably the included
  # states attach one - confirm.
  service_firewalld:
    module.wait:
      - name: service.restart
      - m_name: {{ firewalld.service }}
      - require:
          - pkg: package_firewalld
          - file: config_firewalld
          - service: iptables
          - service: ip6tables

  {% else %}

  # Pillar key absent or falsy: firewalld is stopped and kept from
  # starting at boot. Nothing in this branch puts another packet filter
  # in its place.
  service_firewalld_dead:
    service.dead:
      - name: {{ firewalld.service }}
      # don't start on boot
      - enable: false

  {% endif %}