瀏覽代碼
Merge pull request #3 from phoerious/master
Allow multiple configurations for the same porttags/v0.2.0
Niels Abspoel
6 年之前
+ 12
- 0
README.md
查看文件
| @@ -62,6 +62,18 @@ ufw: | |||
| protocol: udp | |||
| ``` | |||
| Allow from a range of ports, tcp and udp | |||
| ``` | |||
| ufw: | |||
| services: | |||
| "10000:20000/tcp": | |||
| to_port: "10000:20000" | |||
| protocol: tcp | |||
| "10000:20000/udp": | |||
| to_port: "10000:20000" | |||
| protocol: udp | |||
| ``` | |||
| Allow from two specific ports, udp: | |||
| ``` | |||
| ufw: | |||
+ 4
- 2
pillar.example
查看文件
| @@ -69,8 +69,10 @@ ufw: | |||
| deny: True | |||
| from_addr: 10.0.0.1 | |||
| # Deny everything from a multiple ip addresses | |||
| '*': | |||
| # Deny everything from multiple ip addresses and avoid | |||
| # conflicts with already defined service '*' | |||
| '*/multiple': | |||
| to_port: '*' | |||
| protocol: tcp | |||
| deny: True | |||
| from_addr: | |||
+ 2
- 1
ufw/init.sls
查看文件
| @@ -53,6 +53,7 @@ ufw: | |||
| {%- set method = 'deny' if deny else ('limit' if limit else 'allow') -%} | |||
| {%- set from_port = service_details.get('from_port', None) %} | |||
| {%- set to_addr = service_details.get('to_addr', None) %} | |||
| {%- set to_port = service_details.get('to_port', service_name) %} | |||
| {%- set comment = service_details.get('comment', None) %} | |||
| ufw-svc-{{method}}-{{service_name}}-{{from_addr}}: | |||
| @@ -72,7 +73,7 @@ ufw-svc-{{method}}-{{service_name}}-{{from_addr}}: | |||
| {%- if comment != None %} | |||
| - comment: '"{{comment}}"' | |||
| {%- endif %} | |||
| - to_port: "{{service_name}}" | |||
| - to_port: "{{to_port}}" | |||
| - require: | |||
| - pkg: ufw | |||
| - listen_in: | |||
Loading…