https://github.com/ome/ansible-role-iptables-raw
Ansible module to import iptables_raw library
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/ome/ansible-role-iptables-raw
- Owner: ome
- License: bsd-2-clause
- Created: 2018-06-14T12:01:31.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2024-11-19T10:06:15.000Z (over 1 year ago)
- Last Synced: 2025-09-04T18:50:21.580Z (9 months ago)
- Topics: ansible, ansible-role, firewall, iptables, ome, openmicroscopy
- Language: Python
- Homepage: https://galaxy.ansible.com/ome/iptables_raw/
- Size: 49.8 KB
- Stars: 4
- Watchers: 7
- Forks: 10
- Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE.md
README
Iptables Raw
============
Import the Iptables Raw library and make it available as a task.
Ensure iptables is active.
See these links for full documentation on the `iptables_raw` module:
- https://nordeus.com/blog/engineering/managing-iptables-with-ansible-the-easy-way/
- https://github.com/Nordeus/ansible_iptables_raw
- https://github.com/ansible/ansible/pull/21054
Parameters
----------
Optional:
- `iptables_raw_disable_firewalld`: Disable the firewalld service (if installed and enabled it will conflict), default `True`
Development
-----------
The [`library/iptables_raw.py`](library/iptables_raw.py) version is https://github.com/Nordeus/ansible_iptables_raw/tree/34672590224f393016ad086f82054319108e67ad (2018-02-18) with the following change to prevent ansible-lint/flake8 failing:
```diff
diff --git a/library/iptables_raw.py b/library/iptables_raw.py
index 71dfc0d..978a6c7 100644
--- a/library/iptables_raw.py
+++ b/library/iptables_raw.py
@@ -344,7 +344,7 @@ class Iptables:
def _is_debian(self):
return os.path.isfile('/etc/debian_version')
- # If /etc/arch-release exist, this means this is an ArchLinux OS
+ # If /etc/arch-release exist, this means this is an ArchLinux OS
def _is_arch_linux(self):
return os.path.isfile('/etc/arch-release')
```
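Review bot: The `-` and `+` comment lines above `_is_arch_linux` read identically as shown, so this is a whitespace-only change, and the text introducing the patch should name the flake8 check it satisfies and the indentation intended; without that, anyone re-syncing `library/iptables_raw.py` from the pinned upstream commit cannot tell how to re-apply it. Because the file is otherwise a copy of upstream at a fixed commit, consider excluding `library/` from ansible-lint/flake8 instead of editing it, so the vendored module can be compared directly against the upstream revision.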
Example Playbook
----------------
```yaml
- hosts: localhost
  roles:
    - role: ome.iptables-raw
  tasks:
    # Block all incoming connections apart from ssh
    - ome.iptables_raw:
        name: test_rules
        keep_unmanaged: no
        rules: |
          -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
          -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
          -A INPUT -j REJECT
          -A FORWARD -j REJECT
          -A OUTPUT -j ACCEPT
        state: present
```
Author Information
------------------
ome-devel@lists.openmicroscopy.org.uk