ExternalMirrors
/
iptables-formula
Mirror von https://github.com/salt-formulas/salt-formula-iptables
Beobachten 1
Favorisieren 0
Fork 1
Code Issues 0 Releases 6 Wiki Aktivität
Saltstack Official IPTables Formula
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
56 Commits
2 Branches
Struktur: e1b3f134d9
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „e1b3f134d9“
${ noResults }
iptables-formula/iptables/_rule.sls

83 Zeilen
2.5KB
Originalformat Blame Verlauf 

  1. iptables_{{ chain_name }}_{{ rule_name }}:

  2.   {%- if rule.position is defined %}

  3.   iptables.insert:

  4.   - position: {{ rule.position }}

  5.   {%- else %}

  6.   iptables.append:

  7.   {%- if loop.index != 1 %}

  8.   - require:

  9.     - iptables: iptables_{{ chain_name }}_{% if service_name is defined %}{{ service_name }}_{% endif %}{{ loop.index - 1 }}

  10.   {%- endif %}

  11.   {%- endif %}

  12.   - table: {{ rule.get('table', 'filter') }}

  13.   - chain: {{ chain_name }}

  14.   {%- if rule.family is defined %}

  15.   - family: {{ rule.family }}

  16.   {%- endif %}

  17.   {%- if rule.jump is defined %}

  18.   - jump: {{ rule.jump }}

  19.   {%- endif %}

  20.   {%- if rule.match is defined %}

  21.   - match: {{ rule.match }}

  22.   {%- endif %}

  23.   {%- if rule.comment is defined %}

  24.   - comment: {{ rule.comment }}

  25.   {%- endif %}

  26.   {%- if rule.connection_state is defined %}

  27.   - connstate: {{ rule.connection_state }}

  28.   {%- endif %}

  29.   {%- if rule.protocol is defined %}

  30.   - proto: {{ rule.protocol }}

  31.   {%- endif %}

  32.   {%- if rule.destination_port is defined %}

  33.   - dport: {{ rule.destination_port }}

  34.   {%- endif %}

  35.   {%- if rule.destination_ports is defined %}

  36.   - dports:

  37.   {%- for port in rule.destination_ports %}

  38.     - {{ port }}

  39.   {% endfor %}

  40.   {%- endif %}

  41.   {%- if rule.source_port is defined %}

  42.   - sport: {{ rule.source_port }}

  43.   {%- endif %}

  44.   {%- if rule.in_interface is defined %}

  45.   - in-interface: {{ rule.in_interface }}

  46.   {%- endif %}

  47.   {%- if rule.out_interface is defined %}

  48.   - out-interface: {{ rule.out_interface }}

  49.   {%- endif %}

  50.   {%- if rule.to_destination is defined %}

  51.   - to-destination: {{ rule.to_destination }}

  52.   {%- endif %}

  53.   {%- if rule.to_port is defined %}

  54.   - to-port: {{ rule.to_port }}

  55.   {%- endif %}

  56.   {%- if rule.to_source is defined %}

  57.   - to-source: {{ rule.to_source }}

  58.   {%- endif %}

  59.   {%-  if rule.source_network is defined %}

  60.   - source: {{ rule.source_network }}

  61.   {%- endif %}

  62.   {%-  if rule.destination_network is defined %}

  63.   - destination: {{ rule.destination_network }}

  64.   {%- endif %}

  65.   {%-  if rule.log_prefix is defined %}

  66.   - log-prefix: '{{ rule.log_prefix }}'

  67.   {%- endif %}

  68.   {%-  if rule.log_level is defined %}

  69.   - log-level: {{ rule.log_level }}

  70.   {%- endif %}

  71.   {%-  if rule.limit is defined %}

  72.   - limit: '{{ rule.limit }}'

  73.   {%- endif %}

  74.   {%- if chain.policy is defined %}

  75.   - require_in:

  76.     - iptables: iptables_{{ chain_name }}_policy

  77.   {%- endif %}

  78.   {%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %}

  79.   - require:

  80.     - iptables: iptables_{{ chain_name }}{% if rule.family is defined %}_{{ rule.family }}{% endif %}

  81.   {%- endif %}

  82.   - save: True