tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

library/roles/iptables/templates/iptables-rules.v4.j2: Fix a mistake where the task failed when psql_db_data was not defined.

This commit is contained in:
Andrea Dell'Amico 2017-03-07 13:12:01 +01:00
parent 3a31d15cca
commit 892a05256a
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
iptables/templates/iptables-rules.v4.j2
View File

@ -69,6 +69,7 @@
{% if psql_firewall_enabled %} {% if psql_firewall_enabled %}
{% if psql_db_port is defined %} {% if psql_db_port is defined %}
{% if psql_listen_on_ext_int %} {% if psql_listen_on_ext_int %}
{% if psql_db_data is defined %}
# postgresql clients # postgresql clients
{% for db in psql_db_data %} {% for db in psql_db_data %}
{% for ip in db.allowed_hosts %} {% for ip in db.allowed_hosts %}
@ -76,6 +77,7 @@
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% endif %}
-A INPUT -m state --state NEW -s {{ ansible_default_ipv4.address }} -p tcp -m tcp --dport {{ psql_db_port }} -j ACCEPT -A INPUT -m state --state NEW -s {{ ansible_default_ipv4.address }} -p tcp -m tcp --dport {{ psql_db_port }} -j ACCEPT
-A INPUT -p tcp -m tcp --dport {{ psql_db_port }} -j DROP -A INPUT -p tcp -m tcp --dport {{ psql_db_port }} -j DROP
{% endif %} {% endif %}