https://github.com/mhutter/ansible-iptables
ansible iptables
- Host: GitHub
- URL: https://github.com/mhutter/ansible-iptables
- Owner: mhutter
- Created: 2018-06-01T06:45:53.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2020-03-07T23:58:02.000Z (over 6 years ago)
- Last Synced: 2025-03-23T19:17:58.660Z (over 1 year ago)
- Topics: ansible, iptables
- Size: 14.6 KB
- Stars: 0
- Watchers: 2
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# mhutter.iptables
Manage iptables rules using Ansible.
## Usage
This role needs to be included in your playbook twice:
```yaml
- hosts: all
  vars:
    iptables_phase: pre
  roles:
    - name: mhutter.iptables
      tags: iptables

# ... all other plays & tasks of your playbook

- hosts: all
  vars:
    iptables_phase: post
  roles:
    - name: mhutter.iptables
      tags: iptables
```
The **pre** phase sets up all requirements (packages, folders, ...) while the
**post** phase creates some defaults, generates the final iptables rule files
and applies them.
### Rules
To add your own rules, drop the appropriate files in
`/etc/iptables/fragments.{v4,v6}`:
```yaml
# roles/etcd/tasks/main.yml
- name: Prepare iptables rules
  copy:
    content: '-A INPUT -p tcp -m multiport --dports 2379,2380 -j ACCEPT'
    dest: /etc/iptables/fragments.v4/10_etcd
    owner: root
    group: root
    mode: 0644
  tags: iptables
```
TODO: Add module that simplifies rule definitions
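A pre-flight check for fragment files, as an added example that is not part of this role: it assumes fragments hold only bare rule lines like the etcd one above and that the role itself writes the table header, chain policies and `COMMIT` when it builds the final rule files. `lint_fragment` and the sample fragments are constructed for illustration.

```python
import shlex

# Assumption: a fragment may only append/insert rules or create chains;
# a flush, delete or policy change would alter rules owned by other roles.
ALLOWED = {"-A", "--append", "-I", "--insert", "-N", "--new-chain"}
JUMP = {"-j", "--jump"}


def lint_fragment(text):
    """Return (line_number, message) findings for one fragment's text."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line[0] in "*:" or line == "COMMIT":
            findings.append((lineno, "table framing belongs to the role"))
            continue
        try:
            tokens = shlex.split(line)
        except ValueError as exc:
            findings.append((lineno, f"bad quoting: {exc}"))
            continue
        if tokens[0] not in ALLOWED:
            findings.append((lineno, f"{tokens[0]} is not allowed in a fragment"))
            continue
        # Target of -j/--jump, if the rule has one.
        target = next(
            (tokens[i + 1] for i, t in enumerate(tokens[:-1]) if t in JUMP), None
        )
        # Any other option (-p, -s, -i, -m ...) narrows what the rule matches.
        narrowed = any(t.startswith("-") and t not in JUMP for t in tokens[1:])
        if target == "ACCEPT" and not narrowed:
            findings.append((lineno, "ACCEPT with no match criteria"))
    return findings


# The fragment from the README above, and a constructed bad one.
GOOD_FRAGMENT = "-A INPUT -p tcp -m multiport --dports 2379,2380 -j ACCEPT\n"
BAD_FRAGMENT = "# constructed sample\n-F INPUT\n-A INPUT -j ACCEPT\nCOMMIT\n"

if __name__ == "__main__":
    for name, text in (("good", GOOD_FRAGMENT), ("bad", BAD_FRAGMENT)):
        for lineno, message in lint_fragment(text):
            print(f"{name}:{lineno}: {message}")
```

Running it over each role's fragment before the **post** phase catches a rule that would flush or open a chain before it reaches the generated rule files.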
## Installation
Add the following snippet to your `requirements.yml`:
```yaml
- name: mhutter.iptables
  version: master
```
Then run `ansible-galaxy install -r requirements.yml` as usual.
## Role Variables
* `iptables_phase` - either `pre` or `post`, see "Usage" section