2020-05-15 22:22:26 +02:00
|
|
|
Ansible Role: client iptables
|
|
|
|
|
=========
|
|
|
|
|
|
2020-07-11 14:59:52 +02:00
|
|
|
This role defines iptables rules for a GNU/Linux server (but NOT for routers).
|
2020-05-15 22:22:26 +02:00
|
|
|
|
|
|
|
|
Requirements
|
|
|
|
|
------------
|
|
|
|
|
|
2020-07-11 14:59:52 +02:00
|
|
|
WARNING : do not apply this role on routers !!!
|
|
|
|
|
|
|
|
|
|
This role assumes you have a clean iptables configuration on your host (else, you may need to flush the current rules).
|
2020-05-15 22:22:26 +02:00
|
|
|
|
|
|
|
|
Role Variables
|
|
|
|
|
--------------
|
|
|
|
|
|
|
|
|
|
All variables and default values are defined in `defaults/main.yml` :
|
|
|
|
|
|
|
|
|
|
# All authorized TCP ports
|
|
|
|
|
tcp_authorized_ports:
|
2020-07-11 20:40:46 +02:00
|
|
|
- '22'
|
2020-05-15 22:22:26 +02:00
|
|
|
|
2020-07-11 14:59:52 +02:00
|
|
|
# All authorized UDP ports
|
|
|
|
|
udp_authorized_ports: []
|
|
|
|
|
|
2020-05-15 22:22:26 +02:00
|
|
|
# All incoming authorized IP
|
|
|
|
|
ip_authorized: []
|
2020-07-11 16:10:53 +02:00
|
|
|
|
|
|
|
|
# Set to false to avoid iptables configure with this role
|
|
|
|
|
configure_iptables: true
|
2020-07-11 16:46:19 +02:00
|
|
|
|
|
|
|
|
# Iptables save files (Ipv4 and IPv6)
|
|
|
|
|
iptables_save_file: /etc/iptables/rules.v4
|
|
|
|
|
ip6tables_save_file: /etc/iptables/rules.v6
|
2020-05-15 22:22:26 +02:00
|
|
|
|
|
|
|
|
Dependencies
|
|
|
|
|
------------
|
|
|
|
|
|
|
|
|
|
None.
|
|
|
|
|
|
|
|
|
|
Example Playbook
|
|
|
|
|
----------------
|
|
|
|
|
|
|
|
|
|
- hosts: all
|
|
|
|
|
roles:
|
|
|
|
|
- client_iptables
|
|
|
|
|
|
|
|
|
|
License
|
|
|
|
|
-------
|
|
|
|
|
|
|
|
|
|
BSD
|
|
|
|
|
|
|
|
|
|
Author Information
|
|
|
|
|
------------------
|
|
|
|
|
|
|
|
|
|
This role was created in 2020 by Nemo.
|
