ISTI-ansible-roles
/
ansible-roles
4
0
Fork 3
Code Issues Pull Requests Releases Wiki Activity

library/roles/iptables/templates/iptables-rules.v4.j2: Add a rule to add ANY rules.

This commit is contained in:
Andrea Dell'Amico 2016-12-14 16:09:39 +01:00
parent efa1b35719
commit d32a1e99c6
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
iptables/templates/iptables-rules.v4.j2
View File

@ -259,6 +259,14 @@
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if iptables.any_rules is defined and iptables.any_rules %}
# ANY rules
{% for any_rule in iptables.any %}
{% for ip in any_rule.allowed_hosts %}
-A INPUT -s {{ ip }} -j ACCEPT
{% endfor %}
{% endfor %}
{% endif %}
{% if keepalived_enabled is defined and keepalived_enabled %} {% if keepalived_enabled is defined and keepalived_enabled %}
-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT -A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT -A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT