salt
/
iptables-formula
forked from ExternalMirrors/iptables-formula
Watch 1
Star 0
Fork 0
Code Releases 6 Activity
Saltstack Official IPTables Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
68 Commits
2 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
iptables-formula/iptables/map.jinja

86 lines
2.4KB
Raw Permalink Blame History 

  1. {% set schema = salt['grains.filter_by']({

  2.     'default': {

  3.     },

  4. }, grain='os_family', merge=salt['pillar.get']('iptables:schema')) %}

  5. 

  6. {% set service = salt['grains.filter_by']({

  7.     'RedHat': {

  8.         'v4': {

  9.             'enabled': true,

  10.             'persistent_config': '/etc/sysconfig/iptables',

  11.             'pkgs': [' iptables' ],

  12.             'service': 'iptables',

  13.             'modules': [],

  14.         },

  15.         'v6': {

  16.             'enabled': true,

  17.             'persistent_config': '/etc/sysconfig/ip6tables',

  18.             'pkgs': [ 'iptables' ],

  19.             'service': 'iptables',

  20.             'modules': [],

  21.         },

  22.     },

  23.     'Debian': {

  24.         'v4': {

  25.             'enabled': true,

  26.             'persistent_config': '/etc/iptables/rules.v4',

  27.             'pkgs': [ 'iptables','iptables-persistent' ],

  28.             'service': 'netfilter-persistent',

  29.             'modules': [ 'iptable_filter', 'ip_tables' ],

  30.         },

  31.         'v6': {

  32.             'enabled': true,

  33.             'persistent_config': '/etc/iptables/rules.v6',

  34.             'pkgs': [ 'iptables','iptables-persistent' ],

  35.             'service': 'netfilter-persistent',

  36.             'modules': [ 'ip6table_filter', 'ip6_tables' ],

  37.         },

  38.     },

  39. }, grain='os_family', merge=salt['pillar.get']('iptables:service')) %}

  40. 

  41. {% set defaults = salt['grains.filter_by']({

  42.     'default': {

  43.         'v4': {

  44.             'metadata_rules': false,

  45.             'policy': 'ACCEPT',

  46.             'ruleset': {

  47.                 'action': 'ACCEPT',

  48.                 'params': '',

  49.                 'rule': '',

  50.             },

  51.         },

  52.         'v6': {

  53.             'metadata_rules': false,

  54.             'policy': 'ACCEPT',

  55.             'ruleset': {

  56.                 'action': 'ACCEPT',

  57.                 'params': '',

  58.                 'rule': '',

  59.             },

  60.         },

  61.     },

  62. }, grain='os_family', merge=salt['pillar.get']('iptables:defaults')) %}

  63. 

  64. {% set tables = salt['grains.filter_by']({

  65.     'default': {

  66.         'v4': {

  67.             'filter': {

  68.                 'chains': {

  69.                     'INPUT': {},

  70.                     'OUTPUT': {},

  71.                     'FORWARD': {},

  72.                 },

  73.             },

  74.         },

  75.         'v6': {

  76.             'filter': {

  77.                 'chains': {

  78.                     'INPUT': {},

  79.                     'OUTPUT': {},

  80.                     'FORWARD': {},

  81.                 },

  82.             },

  83.         },

  84.     },

  85. }, grain='os_family', merge=salt['pillar.get']('iptables:tables')) %}