ansible-base/roles/client_iptables
Nemo 1401957497 OpenBSD adaptation 2020-08-23 17:55:09 +02:00
..
defaults Add apostrophe to port (ansible updated) 2020-07-11 20:40:46 +02:00
handlers Adapt client_iptables role to support Gentoo 2020-07-11 16:46:19 +02:00
meta Add UDP ports in iptables role and update README role 2020-07-11 14:59:52 +02:00
tasks Move some specific-OS group_vars into role vars (ex: Debian.yml in the role vars folder) 2020-07-12 12:04:23 +02:00
vars OpenBSD adaptation 2020-08-23 17:55:09 +02:00
README.md Add apostrophe to port (ansible updated) 2020-07-11 20:40:46 +02:00

README.md

Ansible Role: client iptables

This role defines iptables rules for a GNU/Linux server (but NOT for routers).

Requirements

WARNING : do not apply this role on routers !!!

This role assumes you have a clean iptables configuration on your host (else, you may need to flush the current rules).

Role Variables

All variables and default values are defined in defaults/main.yml :

# All authorized TCP ports
tcp_authorized_ports:
  - '22'

# All authorized UDP ports
udp_authorized_ports: []

# All incoming authorized IP
ip_authorized: []

# Set to false to avoid iptables configure with this role
configure_iptables: true

# Iptables save files (Ipv4 and IPv6)
iptables_save_file: /etc/iptables/rules.v4
ip6tables_save_file: /etc/iptables/rules.v6

Dependencies

None.

Example Playbook

- hosts: all
  roles:
    - client_iptables

License

BSD

Author Information

This role was created in 2020 by Nemo.