Dennis van Dok
7 years ago
2 changed files with 21 additions and 0 deletions
+ 8
- 0
iptables/rules.sls
View File
| @@ -5,6 +5,14 @@ | |||
| {%- if chain.policy is defined %} | |||
| iptables_{{ chain_name }}_policy: | |||
| iptables.set_policy: | |||
| - family: ipv4 | |||
| - chain: {{ chain_name }} | |||
| - policy: {{ chain.policy }} | |||
| - table: filter | |||
| iptables_{{ chain_name }}_ipv6_policy: | |||
| iptables.set_policy: | |||
| - family: ipv6 | |||
| - chain: {{ chain_name }} | |||
| - policy: {{ chain.policy }} | |||
| - table: filter | |||
+ 13
- 0
iptables/service.sls
View File
| @@ -36,9 +36,22 @@ iptables_{{ chain_name }}_policy: | |||
| - table: filter | |||
| - require_in: | |||
| - iptables: iptables_flush | |||
| iptables_{{ chain_name }}_ipv6_policy: | |||
| iptables.set_policy: | |||
| - chain: {{ chain_name }} | |||
| - family: ipv6 | |||
| - policy: ACCEPT | |||
| - table: filter | |||
| - require_in: | |||
| - iptables: ip6tables_flush | |||
| {%- endfor %} | |||
| iptables_flush: | |||
| iptables.flush | |||
| ip6tables_flush: | |||
| iptables.flush: | |||
| - family: ipv6 | |||
| {%- endif %} | |||
Loading…