don't modify the firewall
This commit is contained in:
f
parent
e3a5854361
commit
244de034d8
3 changed files with 30 additions and 0 deletions
|
|
@ -56,6 +56,8 @@
|
||||||
dest: "{{ item }}"
|
dest: "{{ item }}"
|
||||||
mode: "640"
|
mode: "640"
|
||||||
loop:
|
loop:
|
||||||
|
- /etc/conf.d/iptables
|
||||||
|
- /etc/conf.d/ip6tables
|
||||||
- /etc/iptables/rules6-save
|
- /etc/iptables/rules6-save
|
||||||
- /etc/iptables/rules-save
|
- /etc/iptables/rules-save
|
||||||
- /etc/ipset.d/blocklist4
|
- /etc/ipset.d/blocklist4
|
||||||
|
|
|
||||||
14
templates/etc/conf.d/ip6tables.j2
Normal file
14
templates/etc/conf.d/ip6tables.j2
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
# /etc/conf.d/ip6tables
|
||||||
|
|
||||||
|
# Location in which ip6tables initscript will save set rules on
|
||||||
|
# service shutdown
|
||||||
|
IP6TABLES_SAVE="/etc/iptables/rules6-save"
|
||||||
|
|
||||||
|
# Options to pass to ip6tables-save and ip6tables-restore
|
||||||
|
SAVE_RESTORE_OPTIONS="-c"
|
||||||
|
|
||||||
|
# Save state on stopping iptables
|
||||||
|
SAVE_ON_STOP="no"
|
||||||
|
|
||||||
|
# Enable/disable IPv6 forwarding with the rules
|
||||||
|
IPFORWARD="no"
|
||||||
14
templates/etc/conf.d/iptables.j2
Normal file
14
templates/etc/conf.d/iptables.j2
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
# /etc/conf.d/iptables
|
||||||
|
|
||||||
|
# Location in which iptables initscript will save set rules on
|
||||||
|
# service shutdown
|
||||||
|
IPTABLES_SAVE="/etc/iptables/rules-save"
|
||||||
|
|
||||||
|
# Options to pass to iptables-save and iptables-restore
|
||||||
|
SAVE_RESTORE_OPTIONS="-c"
|
||||||
|
|
||||||
|
# Save state on stopping iptables
|
||||||
|
SAVE_ON_STOP="no"
|
||||||
|
|
||||||
|
# Enable/disable IPv4 forwarding with the rules
|
||||||
|
IPFORWARD="no"
|
||||||
Loading…
Reference in a new issue