43 lines
1.6 KiB
Django/Jinja
43 lines
1.6 KiB
Django/Jinja
#jinja2: lstrip_blocks: True
|
|
{{ ansible_managed | comment("xml") }}
|
|
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
<zone{% if item.target is defined %} target="{{ item.target }}"{% endif %}>
|
|
<short>{{ item.short | default(item.name) | upper }}</short>
|
|
{% if item.description is defined %}
|
|
<description>{{ item.description }}</description>
|
|
{% endif %}
|
|
{% if item | lenght > 0 %}
|
|
|
|
{% for tag in item %}
|
|
{# Settings which can be used several times #}
|
|
{% if tag in ['interface','source','service','port','protocol','icmp-block','forward-port','source-port'] %}
|
|
{% for subtag in item[tag] %}
|
|
<{{ tag }}{% for name,value in subtag.items() %} {{ name }}="{{ value }}"{% endfor %}/>
|
|
{% endfor %}
|
|
{# Settings which can be used once #}
|
|
{% elif tag in ['icmp-block-inversion','masquerade'] and item[tag] == True %}
|
|
<{{ tag }}/>
|
|
{% endif %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if item.rule | default([]) | length > 0 %}
|
|
|
|
{% for rule in item.rule | default([]) %}
|
|
<rule{% if rule.family is defined %} family="{{ rule.family }}"{% endif %}>
|
|
{% for tag in rule %}
|
|
{% if tag in ['source','destination','service','port','icmp-block','icmp-type','masquerade','forward-port'] %}
|
|
<{{ tag }}{% for name,value in tag.items() | default({}) %} {{ name }}="{{ value }}"{% endfor %}/>
|
|
{% elif tag in ['log','audit','accept','drop','mark','reject'] %}
|
|
<{{ tag }}{% for name,value in tag.items() %} {{ name }}="{{ value }}"{% endfor %}>
|
|
{% endif %}
|
|
{% if tag.limit is defined %}
|
|
<limit value="{{ tag.limit }}"/>
|
|
{% endif %}
|
|
</{{ tag }}>
|
|
{% endfor %}
|
|
</rule>
|
|
{% endfor %}
|
|
{% endif %}
|
|
</zone>
|