ansible.nftables/templates/etc/nftables.d/nat-prerouting.nft.j2

#jinja2: lstrip_blocks: "True", trim_blocks: "True"
# {{ ansible_managed }}
{% set preroutingmerged = nft__nat_default_prerouting_rules.copy() %}
{% set _ = preroutingmerged.update(nft__nat_prerouting_rules) %}
{% set _ = preroutingmerged.update(nft__nat_group_prerouting_rules) %}
{% if nft_merged_groups and hostvars[inventory_hostname]['nft_combined_rules'].nft__nat_group_prerouting_rules is defined %}
  {% set _ = preroutingmerged.update(hostvars[inventory_hostname]['nft_combined_rules'].nft__nat_group_prerouting_rules) %}
{% endif %}
{% set _ = preroutingmerged.update(nft__nat_host_prerouting_rules) %}

chain prerouting {
{% for group, rules in preroutingmerged|dictsort  %}
	# {{ group }}
  {% if not rules %}
	# (none)
  {% endif %}
  {% for rule in rules %}
	{{ rule }}
  {% endfor %}
{% endfor %}
}
Support merged firewall rules for multiple groups per host. - Multiple groups for a single server will now lead to all firewall rules being merged instead of overwritten. 2020-11-10 21:17:11 +01:00			`#jinja2: lstrip_blocks: "True", trim_blocks: "True"`
Generate Nat table rules files 2019-04-16 15:48:30 +02:00			`# {{ ansible_managed }}`
			`{% set preroutingmerged = nft__nat_default_prerouting_rules.copy() %}`
			`{% set _ = preroutingmerged.update(nft__nat_prerouting_rules) %}`
			`{% set _ = preroutingmerged.update(nft__nat_group_prerouting_rules) %}`
Change variable names + add debug toggle. 2020-12-30 17:12:50 +01:00			`{% if nft_merged_groups and hostvars[inventory_hostname]['nft_combined_rules'].nft__nat_group_prerouting_rules is defined %}`
Support merged firewall rules for multiple groups per host. - Multiple groups for a single server will now lead to all firewall rules being merged instead of overwritten. 2020-11-10 21:17:11 +01:00			`{% set _ = preroutingmerged.update(hostvars[inventory_hostname]['nft_combined_rules'].nft__nat_group_prerouting_rules) %}`
			`{% endif %}`
Generate Nat table rules files 2019-04-16 15:48:30 +02:00			`{% set _ = preroutingmerged.update(nft__nat_host_prerouting_rules) %}`

			`chain prerouting {`
			`{% for group, rules in preroutingmerged\|dictsort %}`
			`# {{ group }}`
Support merged firewall rules for multiple groups per host. - Multiple groups for a single server will now lead to all firewall rules being merged instead of overwritten. 2020-11-10 21:17:11 +01:00			`{% if not rules %}`
Generate Nat table rules files 2019-04-16 15:48:30 +02:00			`# (none)`
Support merged firewall rules for multiple groups per host. - Multiple groups for a single server will now lead to all firewall rules being merged instead of overwritten. 2020-11-10 21:17:11 +01:00			`{% endif %}`
			`{% for rule in rules %}`
Generate Nat table rules files 2019-04-16 15:48:30 +02:00			`{{ rule }}`
Support merged firewall rules for multiple groups per host. - Multiple groups for a single server will now lead to all firewall rules being merged instead of overwritten. 2020-11-10 21:17:11 +01:00			`{% endfor %}`
Generate Nat table rules files 2019-04-16 15:48:30 +02:00			`{% endfor %}`
			`}`