Another playbook example
It was hard for me to learn how to use the role and override the default rules. Therefore, I want to contribute another example.
parent 1fe24f01e4
commit 1f91776374

README.md | 18
							|  | @ -252,6 +252,24 @@ table inet filter { | ||||||
|     - role: ipr-cnrs.nftables |     - role: ipr-cnrs.nftables | ||||||
| ``` | ``` | ||||||
| 
 | 
 | ||||||
|  | * Override some of the default defined sets: | ||||||
|  | 
 | ||||||
|  | ``` yml | ||||||
|  | - hosts: serverXYZ | ||||||
|  |   vars: | ||||||
|  |     - nft_define: | ||||||
|  |       input tcp accepted: | ||||||
|  |         desc: Custom SSH port and torrent | ||||||
|  |         name: in_tcp_accept | ||||||
|  |         value: '{ 2201, 6881 }' | ||||||
|  |       input udp accepted: | ||||||
|  |         desc: torrent | ||||||
|  |         name: in_udp_accept | ||||||
|  |         value: '{ 6881 }' | ||||||
|  |   roles: | ||||||
|  |     - role: ipr-cnrs.nftables | ||||||
|  | ``` | ||||||
|  | 
 | ||||||
| * Use default rules with allow incoming ICMP and count dropped input packets : | * Use default rules with allow incoming ICMP and count dropped input packets : | ||||||
| 
 | 
 | ||||||
| `group_vars/first_group` : | `group_vars/first_group` : | ||||||
|  |  | ||||||
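Review bot: In the added playbook, `input tcp accepted:` and `input udp accepted:` are indented to the same column as the `nft_define` key in the `- nft_define:` list item, so YAML parses `nft_define` as empty and the two entries as its siblings instead of its children. Indent both entries one level deeper so they nest under `nft_define:`, and consider writing `vars:` as a plain mapping (`nft_define:` without the leading `- `). Since the heading says "Override" and the example moves SSH to 2201, a sentence stating whether `value: '{ 2201, 6881 }'` replaces or extends the default `in_tcp_accept` set would help readers avoid locking themselves out. The fence tag is also written as ``` yml with a space, which some renderers will not treat as a language hint.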