salt
/
iptables-formula
forked from ExternalMirrors/iptables-formula
Watch 1
Star 0
Fork 0
Code Releases 6 Activity
Browse Source

Merge "Create all chains before any rules"

master
Ondrej Smola 6 years ago
parent
e1b3f134d9 d22315fbb9
commit
ad8648f61f
2 changed files with 6 additions and 1 deletions
Unified View Show Diff Stats
  1. +5
    -1
      iptables/_rule.sls
  2. +1
    -0
      iptables/rules.sls

+ 5
- 1
iptables/_rule.sls View File

- position: {{ rule.position }} - position: {{ rule.position }}
{%- else %} {%- else %}
iptables.append: iptables.append:
{%- if loop.index != 1 %}
- require: - require:
{%- if loop.index != 1 %}
- iptables: iptables_{{ chain_name }}_{% if service_name is defined %}{{ service_name }}_{% endif %}{{ loop.index - 1 }} - iptables: iptables_{{ chain_name }}_{% if service_name is defined %}{{ service_name }}_{% endif %}{{ loop.index - 1 }}
{%- else %}
{%- for chain in chains %}
- iptables: iptables_{{ chain }}
{%- endfor %}
{%- endif %} {%- endif %}
{%- endif %} {%- endif %}
- table: {{ rule.get('table', 'filter') }} - table: {{ rule.get('table', 'filter') }}

+ 1
- 0
iptables/rules.sls View File

{% from "iptables/map.jinja" import service with context %} {% from "iptables/map.jinja" import service with context %}
{%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %} {%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %}


{%- set chains = service.get('chain', {}).keys() %}
{%- for chain_name, chain in service.get('chain', {}).iteritems() %} {%- for chain_name, chain in service.get('chain', {}).iteritems() %}


iptables_{{ chain_name }}: iptables_{{ chain_name }}:

Write Preview
Loading…
Cancel
Save