ansible/roles/nftables/templates/nftables.conf.j2

{% set combined_defines = [ nftables_builtin_defines, nftables_defines ] | combine %}
{% set combined_sets = [ nftables_builtin_sets, nftables_sets ] | combine %}
{% set combined_input_rules = [ nftables_input_builtin_rules, nftables_input_rules ] | combine %}
{% set combined_forward_rules = [ nftables_forward_builtin_rules, nftables_forward_rules ] | combine %}
{% set combined_output_rules = [ nftables_output_builtin_rules, nftables_output_rules ] | combine %}
table inet filter {
{% for name, cfg in combined_defines.items() %}
{%   if cfg is string or cfg is number %}
  define {{ name }} = {{ cfg }}
{%  elif cfg is sequence %} 
  define {{ name }} = {
{%   for elem in cfg %}
    {{ elem }},
{%   endfor %}
  }
{%   endif %}
{% endfor %}

{% for name, cfg in combined_sets.items() %}
  set {{ name }} { 
{%   for elem in cfg %}
    {{ elem }}
{%   endfor %}
  }
{% endfor %}

  chain input {
{% for comment, rules in combined_input_rules.items() %}
    # {{ comment }}
{%   for rule in rules %}
    {{ rule }}
{%   endfor %}
{% endfor %}
  }

  chain forward {
{% for comment, rules in combined_forward_rules.items() %}
    # {{ comment }}
{%   for rule in rules %}
    {{ rule }}
{%   endfor %}
{% endfor %}
  }

  chain output {
{% for comment, rules in combined_output_rules.items() %}
    # {{ comment }}
{%   for rule in rules %}
    {{ rule }}
{%   endfor %}
{% endfor %}
  }
}
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% set combined_defines = [ nftables_builtin_defines, nftables_defines ] \| combine %}`
			`{% set combined_sets = [ nftables_builtin_sets, nftables_sets ] \| combine %}`
			`{% set combined_input_rules = [ nftables_input_builtin_rules, nftables_input_rules ] \| combine %}`
			`{% set combined_forward_rules = [ nftables_forward_builtin_rules, nftables_forward_rules ] \| combine %}`
			`{% set combined_output_rules = [ nftables_output_builtin_rules, nftables_output_rules ] \| combine %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`table inet filter {`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for name, cfg in combined_defines.items() %}`
			`{% if cfg is string or cfg is number %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`define {{ name }} = {{ cfg }}`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% elif cfg is sequence %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`define {{ name }} = {`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for elem in cfg %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`{{ elem }},`
			`{% endfor %}`
			`}`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% endif %}`
			`{% endfor %}`
Add nftables role 2022-09-04 13:59:28 +00:00
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for name, cfg in combined_sets.items() %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`set {{ name }} {`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for elem in cfg %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`{{ elem }}`
			`{% endfor %}`
			`}`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% endfor %}`
Add nftables role 2022-09-04 13:59:28 +00:00
			`chain input {`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for comment, rules in combined_input_rules.items() %}`
			`# {{ comment }}`
			`{% for rule in rules %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`{{ rule }}`
			`{% endfor %}`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% endfor %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`}`

			`chain forward {`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for comment, rules in combined_forward_rules.items() %}`
			`# {{ comment }}`
			`{% for rule in rules %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`{{ rule }}`
			`{% endfor %}`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% endfor %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`}`

			`chain output {`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% for comment, rules in combined_output_rules.items() %}`
			`# {{ comment }}`
			`{% for rule in rules %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`{{ rule }}`
			`{% endfor %}`
nftables: add more rules 2024-04-14 22:46:42 +00:00			`{% endfor %}`
Add nftables role 2022-09-04 13:59:28 +00:00			`}`
			`}`