forked from ISTI-ansible-roles/ansible-roles
library/roles/iptables/templates/iptables-rules.v4.j2: Fix a typo.
This commit is contained in:
parent
d32a1e99c6
commit
ba12f3dba8
|
@ -258,7 +258,6 @@
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
|
||||||
{% if iptables.any_rules is defined and iptables.any_rules %}
|
{% if iptables.any_rules is defined and iptables.any_rules %}
|
||||||
# ANY rules
|
# ANY rules
|
||||||
{% for any_rule in iptables.any %}
|
{% for any_rule in iptables.any %}
|
||||||
|
@ -267,12 +266,13 @@
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
# End of the custom rules
|
||||||
|
{% endif %}
|
||||||
{% if keepalived_enabled is defined and keepalived_enabled %}
|
{% if keepalived_enabled is defined and keepalived_enabled %}
|
||||||
-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
|
-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
|
||||||
-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
|
-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
|
||||||
{% endif %}
|
{% endif %}
|
||||||
#
|
#
|
||||||
-A INPUT -s 125.24.0.0/14 -j DROP
|
|
||||||
{% if iptables_input_default_policy == 'REJECT' %}
|
{% if iptables_input_default_policy == 'REJECT' %}
|
||||||
-A INPUT -j REJECT --reject-with icmp-host-prohibited
|
-A INPUT -j REJECT --reject-with icmp-host-prohibited
|
||||||
{% else %}
|
{% else %}
|
||||||
|
|
Loading…
Reference in New Issue