Home Explore Help
Sign In
kolter
/
ansible-playbooks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Improve ferm configuration to make possible to add firewall rules per user

Emmanuel Bouthenot 10 years ago
parent
d8c8e991fd
commit
087271af01
1 changed files with 10 additions and 0 deletions
Split View Show Diff Stats
  1. 10 0
      roles/common/templates/ferm/ferm.conf.j2

+ 10 - 0
roles/common/templates/ferm/ferm.conf.j2
View File 

@@ -40,6 +40,16 @@ table filter {
 
         # connection tracking
 
         #mod state state INVALID DROP;
 
         mod state state (ESTABLISHED RELATED) ACCEPT;
 
+{% if firewall_private is defined %}
 
+{% for fwconf in firewall_private %}
 
+{% if fwconf.users is defined %}
 
+
 
+        # Private networks configuration
 
+        mod owner uid-owner ({{ fwconf.users | join(' ') }}) outerface {{ fwconf.interface }} ACCEPT;
 
+        outerface {{ fwconf.interface }} DROP;
 
+{% endif %}
 
+{% endfor %}
 
+{% endif %}
 
     }
 
 
     chain FORWARD {