Saltstack Official FirewallD Formula
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
-
- # == State: firewalld
- #
- # This state installs/runs firewalld.
- #
- {% from "firewalld/map.jinja" import firewalld with context %}
-
- {% if salt['pillar.get']('firewalld:enabled') %}
- include:
- - firewalld.config
- - firewalld.ipsets
- - firewalld.services
- - firewalld.zones
-
- # iptables service that comes with rhel/centos
- iptables:
- service.disabled:
- - enable: False
-
- ip6tables:
- service.disabled:
- - enable: False
-
- package_firewalld:
- pkg.installed:
- - name: {{ firewalld.package }}
-
- service_firewalld_running:
- service.running:
- - name: {{ firewalld.service }}
- - enable: True # start on boot
- - require:
- - pkg: package_firewalld
- - file: config_firewalld
- - service: iptables # ensure it's stopped
- - service: ip6tables # ensure it's stopped
-
- service_firewalld:
- module.wait:
- - name: service.restart
- - m_name: {{ firewalld.service }}
- - require:
- - pkg: package_firewalld
- - file: config_firewalld
- - service: iptables # ensure it's stopped
- - service: ip6tables # ensure it's stopped
-
- {% else %}
- service_firewalld_dead:
- service.dead:
- - name: {{ firewalld.service }}
- - enable: False # don't start on boot
- {% endif %}
|
