
Improve ferm configuration to make possible to add firewall rules per user

Emmanuel Bouthenot %!s(int64=10) %!d(string=hai) anos
pai
achega
087271af01
Modificáronse 1 ficheiros con 10 adicións e 0 borrados
  1. 10 0
      roles/common/templates/ferm/ferm.conf.j2

+ 10 - 0
roles/common/templates/ferm/ferm.conf.j2

@@ -40,6 +40,16 @@ table filter {
         # connection tracking
         #mod state state INVALID DROP;
         mod state state (ESTABLISHED RELATED) ACCEPT;
+{% if firewall_private is defined %}
+{% for fwconf in firewall_private %}
+{% if fwconf.users is defined %}
+
+        # Private networks configuration
+        mod owner uid-owner ({{ fwconf.users | join(' ') }}) outerface {{ fwconf.interface }} ACCEPT;
+        outerface {{ fwconf.interface }} DROP;
+{% endif %}
+{% endfor %}
+{% endif %}
     }
 
     chain FORWARD {
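Review bot: The added `outerface {{ fwconf.interface }} DROP;` drops every packet on that interface that the ESTABLISHED/RELATED rule above has not already accepted and that is not owned by a listed uid. That includes root-owned daemons and kernel-generated packets with no socket owner, which the comment `# Private networks configuration` does not say. I would state the policy in the comment instead, for example `# Only the listed local users may open new connections on this interface; all other output on it is dropped`. The guard `{% if fwconf.users is defined %}` also silently skips an entry without a `users` key, leaving that interface unrestricted, and an empty list would render `uid-owner ()`, whose handling by ferm should be checked; `{% if fwconf.users | default([]) | length > 0 %}` would make the empty case explicit. The enclosing chain opens outside the hunk, and since the owner match only applies to locally generated traffic, this presumably sits in `chain OUTPUT`, which is worth confirming.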