xoxys.firewalld/templates/etc/firewalld/zones/zone.xml.j2

35 lines
1.5 KiB
Plaintext
Raw Normal View History

2022-06-13 18:47:12 +00:00
#jinja2: lstrip_blocks: True
<?xml version="1.0" encoding="utf-8"?>
<zone{% if item.target is defined %} target="{{ item.target }}"{% endif %}>
2022-06-19 21:33:05 +00:00
<short>{{ item.short | default(item.name) | capitalize }}</short>
2022-06-13 18:47:12 +00:00
{% if item.description is defined %}
<description>{{ item.description }}</description>
{% endif %}
{% for tag in item %}
{# Settings which can be used several times #}
2022-06-13 20:18:21 +00:00
{% if tag in ["interface", "source", "service", "port", "protocol", "icmp-block", "forward-port", "source-port"] %}
2022-06-13 18:47:12 +00:00
{% for subtag in item[tag] %}
2022-06-13 20:18:21 +00:00
<{{ tag }}{% for name, value in subtag.items() %} {{ name }}="{{ value }}"{% endfor %}/>
2022-06-13 18:47:12 +00:00
{% endfor %}
{# Settings which can be used once #}
2022-10-12 14:22:57 +00:00
{% elif tag in ["icmp-block-inversion", "masquerade", "forward"] and item[tag] | bool %}
2022-06-13 18:47:12 +00:00
<{{ tag }}/>
{% endif %}
{% endfor %}
{% for rule in item.rule | default([]) %}
<rule{% if rule.family is defined %} family="{{ rule.family }}"{% endif %}>
{% for tag in rule %}
2022-06-13 20:18:21 +00:00
{% if tag in ["source", "destination", "service", "port", "icmp-block", "icmp-type", "masquerade", "forward-port"] %}
<{{ tag }}{% for name, value in tag.items() | default({}) %} {{ name }}="{{ value }}"{% endfor %}/>
{% elif tag in ["log", "audit", "accept", "drop", "mark", "reject"] %}
<{{ tag }}{% for name, value in tag.items() %} {{ name }}="{{ value }}"{% endfor %}>
2022-06-13 18:47:12 +00:00
{% endif %}
{% if tag.limit is defined %}
<limit value="{{ tag.limit }}"/>
{% endif %}
</{{ tag }}>
{% endfor %}
</rule>
{% endfor %}
</zone>