From 1c8d17ac280aae34e1986cf8da62ff0d6e006af0 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Wed, 22 Jan 2020 22:38:31 +0000 Subject: [PATCH] commit f302bb28cbb3ea67745b162dc1be753f888701c1 Author: Robert Kaussow Date: Wed Jan 22 23:24:46 2020 +0100 force run --- index.md | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 index.md diff --git a/index.md b/index.md new file mode 100644 index 0000000..a89ce20 --- /dev/null +++ b/index.md @@ -0,0 +1,80 @@ +--- +title: iptables +type: docs +--- + +Role to manage iptables + +* [Default Variables](#default-variables) + * [iptables_app_rules](#iptables-app-rules) + * [iptables_app_rules_extra](#iptables-app-rules-extra) + * [iptables_custom_rules](#iptables-custom-rules) + * [iptables_default_head](#iptables-default-head) + * [iptables_default_tail](#iptables-default-tail) + * [iptables_keep_unmanaged](#iptables-keep-unmanaged) +* [Dependencies](#dependencies) + +--- + +## Default Variables + +### iptables_app_rules + +#### Default value + +```YAML +iptables_app_rules: [] +``` + +### iptables_app_rules_extra + +#### Default value + +```YAML +iptables_app_rules_extra: [] +``` + +### iptables_custom_rules + +#### Default value + +```YAML +iptables_custom_rules: [] +``` + +### iptables_default_head + +Default head (allow) rules. + +#### Default value + +```YAML +iptables_default_head: "-P INPUT ACCEPT\n-P FORWARD ACCEPT\n-P OUTPUT ACCEPT\n-A INPUT\ + \ -m state --state RELATED,ESTABLISHED -j ACCEPT\n-A INPUT -i lo -j ACCEPT\n-A INPUT\ + \ -p icmp --icmp-type echo-request -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 22\ + \ -j ACCEPT\n" +``` + +### iptables_default_tail + +Default tail (deny) rules. + +#### Default value + +```YAML +iptables_default_tail: "-A INPUT -j REJECT\n-A FORWARD -j REJECT\n" +``` + +### iptables_keep_unmanaged + +By default this role deletes all iptables rules which are not managed by Ansible. Set this to 'yes', if you want the role to keep unmanaged rules. + +#### Default value + +```YAML +iptables_keep_unmanaged: no +``` + +## Dependencies + +None.