ExternalMirrors
/
firewalld-formula
ミラー元 https://github.com/saltstack-formulas/firewalld-formula
ウォッチ 1
スター 0
フォーク 1
コード 課題 0 リリース 14 Wiki アクティビティ
Saltstack Official FirewallD Formula
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
29 コミット
1 ブランチ
ツリー: 5904c75875
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'5904c75875' から
${ noResults }
firewalld-formula/firewalld/files/zone.xml

113 行
3.9KB
Raw Blame 履歴 

  1. <?xml version="1.0" encoding="utf-8"?>

  2. <zone{%- if 'target' in zone %} target="{{ zone.target }}"{%- endif %}>

  3.   {% if 'short' in zone %}<short>{{ zone.short }}</short>{% else %}<short>{{ name }}</short>{% endif %}

  4.   {% if 'description' in zone %}<description>{{ zone.description }}</description>{% endif %}

  5. 

  6. {%- if 'interfaces' in zone %}

  7.   {%- for v in zone.interfaces %}

  8.   <interface name="{{ v }}" />

  9.   {%- endfor %}

  10. {%- endif %}

  11. {%- if 'sources' in zone %}

  12.   {%- for v in zone.sources %}

  13.     {%- if 'comment' in v %}

  14.   <!-- {{ v.comment }} -->

  15.   <source address="{{ v.source }}" />

  16.     {%- else %}

  17.   <source address="{{ v }}" />

  18.     {%- endif %}

  19.   {%- endfor %}

  20. {%- endif %}

  21. {%- if 'services' in zone %}

  22.   {%- for v in zone.services %}

  23.   <service name="{{ v }}" />

  24.   {%- endfor %}

  25. {%- endif %}

  26. {%- if 'ports' in zone %}

  27.   {%- for v in zone.ports %}

  28.     {%- if 'comment' in v %}

  29.   <!-- {{ v.comment }} -->

  30.     {%- endif %}

  31.   <port port="{{ v.port }}" protocol="{{ v.protocol }}"/>

  32.   {%- endfor %}

  33. {%- endif %}

  34. {%- if 'icmp_blocks' in zone %}

  35.   {%- for v in zone.icmp_blocks %}

  36.   <icmp-block name="{{ v }}" />

  37.   {%- endfor %}

  38. {%- endif %}

  39. {%- if 'masquerade' in zone %}

  40.   {%- if zone.masquerade %}

  41.   <masquerade/>

  42.   {%- endif %}

  43. {%- endif %}

  44. {%- if 'forward_ports' in zone %}

  45.   {%- for v in zone.forward_ports %}

  46.     {%- if 'comment' in v %}

  47.   <!-- {{ v.comment }} -->

  48.     {%- endif %}

  49.   <forward-port port="{{ v.portid }}" protocol="{{ v.protocol }}"{%- if 'to_port' in v %} to-port="{{ v.to_port }}"{%- endif %}{%- if 'to_addr' in v %} to-addr="{{ v.to_addr }}"{%- endif %} />

  50.   {%- endfor %}

  51. {%- endif %}

  52. 

  53. {%- if 'rich_rules' in zone %}

  54.   {%- for rule in zone.rich_rules %}

  55.   {%- if 'family' in rule %}

  56.   <rule family="{{ rule.family }}">

  57.   {%- else %}

  58.   <rule>

  59.   {%- endif %}    

  60.   {%- if 'ipset' in rule %}

  61.     <source ipset="{{ rule.ipset.name }}"/>

  62.   {%- endif %}

  63.   {%- if 'source' in rule %}

  64.     <source address="{{ rule.source.address }}" {%- if 'invert' in rule.source %}invert="{{ rule.source.invert }}"{%- endif %}/>

  65.   {%- endif %}    

  66.   {%- if 'destination' in rule %}

  67.     <destination address="{{ rule.destination.address }}" {%- if 'invert' in rule.destination %}invert="{{ rule.destination.invert }}"{%- endif %}/>

  68.   {%- endif %}    

  69.   {%- if 'service' in rule %}

  70.     <service name="{{ rule.service }}"/>

  71.   {%- endif %}    

  72.   {%- if 'port' in rule %}

  73.     <port port="{{ rule.port.portid }}" protocol="{{ rule.port.protocol }}"/>

  74.   {%- endif %}    

  75.   {%- if 'protocol' in rule %}

  76.     <protocol value="{{ rule.protocol }}"/>

  77.   {%- endif %}    

  78.   {%- if 'icmp_block' in rule %}

  79.     <icmp_block name="{{ rule.icmp_block }}"/>

  80.   {%- endif %}    

  81.   {%- if 'masquerade' in rule %}

  82.     {%- if rule.masquerade %}<masquerade/>{%- endif %}

  83.   {%- endif %}    

  84.   {%- if 'forward_port' in rule %}

  85.     {%- if 'comment' in rule.forward_port %}

  86.       <!-- {{ rule.forward_port.comment }} -->

  87.     {%- endif %}

  88.     <forward-port port="{{ rule.forward_port.portid }}" protocol="{{ rule.forward_port.protocol }}"{%- if 'to_port' in rule.forward_port %} to-port="{{ rule.forward_port.to_port }}"{%- endif %}{%- if 'to_addr' in rule.forward_port %} to-addr="{{ rule.forward_port.to_addr }}"{%- endif %} />

  89.   {%- endif %}    

  90.   {%- if 'log' in rule %}

  91.     <log{%- if 'prefix' in rule.log %} prefix="{{ rule.log.prefix }}"{%- endif %}{%- if 'level' in rule.log %} level="{{ rule.log.level }}"{%- endif %}>

  92.     {%- if 'limit' in rule.log %}

  93.       <limit value="{{ rule.log.limit }}"/>

  94.     {%- endif %}

  95.     </log>

  96.   {%- endif %}    

  97.   {%- if 'audit' in rule %}

  98.     <audit>{%- if 'limit' in rule.audit %} <limit value="{{ rule.audit.limit }}"/>{%- endif %}</audit>

  99.   {%- endif %}    

  100.   {%- if 'accept' in rule %}

  101.     <accept/>

  102.   {%- endif %}    

  103.   {%- if 'reject' in rule %}

  104.     <reject{%- if 'type' in rule.reject %} type="{{ rule.reject.type }}"{%- endif %}/>

  105.   {%- endif %}    

  106.   {%- if 'drop' in rule %}

  107.     <drop/>

  108.   {%- endif %}    

  109.   </rule>

  110.   {%- endfor %}

  111. {%- endif %}

  112. </zone>