library/roles/iptables/templates/iptables-rules.v4.j2: Fix a typo.

This commit is contained in:
Andrea Dell'Amico 2016-12-14 18:32:05 +01:00
parent d32a1e99c6
commit ba12f3dba8
1 changed files with 2 additions and 2 deletions

View File

@ -258,7 +258,6 @@
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% endif %}
{% if iptables.any_rules is defined and iptables.any_rules %} {% if iptables.any_rules is defined and iptables.any_rules %}
# ANY rules # ANY rules
{% for any_rule in iptables.any %} {% for any_rule in iptables.any %}
@ -267,12 +266,13 @@
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
# End of the custom rules
{% endif %}
{% if keepalived_enabled is defined and keepalived_enabled %} {% if keepalived_enabled is defined and keepalived_enabled %}
-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT -A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT -A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
{% endif %} {% endif %}
# #
-A INPUT -s 125.24.0.0/14 -j DROP
{% if iptables_input_default_policy == 'REJECT' %} {% if iptables_input_default_policy == 'REJECT' %}
-A INPUT -j REJECT --reject-with icmp-host-prohibited -A INPUT -j REJECT --reject-with icmp-host-prohibited
{% else %} {% else %}