ryanc/ansible
1
0
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity
02c1899ee0
ansible/roles/nftables/templates/nftables.conf.j2

83 lines
1.8 KiB
Plaintext
Raw Normal View History

Add nftables role
2022-09-04 13:59:28 +00:00
table inet filter {
{% if nftables_builtin_defines is mapping %}
{% for name, cfg in nftables_builtin_defines.items() %}
{% if cfg is string %}
define {{ name }} = {{ cfg }}
{% elif cfg is sequence %}
define {{ name }} = {
{% for elem in cfg %}
{{ elem }},
{% endfor %}
}
{% endif %}
{% endfor %}
{% endif %}
{% if nftables_defines is mapping %}
{% for name, cfg in nftables_defines.items() %}
define {{ name }} = {
{% for elem in cfg %}
{{ elem }},
{% endfor %}
}
{% endfor %}
{% endif %}
{% if nftables_builtin_sets is mapping %}
{% for name, cfg in nftables_builtin_sets.items() %}
set {{ name }} {
{% for elem in cfg %}
{{ elem }}
{% endfor %}
}
{% endfor %}
{% endif %}
{% if nftables_sets is mapping %}
{% for name, cfg in nftables_sets.items() %}
set {{ name }} {
{% for elem in cfg %}
{{ elem }}
{% endfor %}
}
{% endfor %}
{% endif %}
chain input {
{% if nftables_input_builtin_rules is sequence %}
{% for rule in nftables_input_builtin_rules %}
{{ rule }}
{% endfor %}
{% endif %}
{% if nftables_input_rules is sequence %}
{% for rule in nftables_input_rules %}
{{ rule }}
{% endfor %}
{% endif %}
}
chain forward {
{% if nftables_forward_builtin_rules is sequence %}
{% for rule in nftables_forward_builtin_rules %}
{{ rule }}
{% endfor %}
{% endif %}
{% if nftables_forward_rules is sequence %}
{% for rule in nftables_forward_rules %}
{{ rule }}
{% endfor %}
{% endif %}
}
chain output {
{% if nftables_output_builtin_rules is sequence %}
{% for rule in nftables_output_builtin_rules %}
{{ rule }}
{% endfor %}
{% endif %}
{% if nftables_output_rules is sequence %}
{% for rule in nftables_output_rules %}
{{ rule }}
{% endfor %}
{% endif %}
}
}
Reference in New Issue Copy Permalink