cellinfo
/
ansible.nftables
2
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'aardbol-patch-3'

This commit is contained in:
Jeremy Gardais 2020-06-02 09:02:57 +02:00
parent 1fe24f01e4 1f91776374
commit 472badee55
1 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@ -252,6 +252,24 @@ table inet filter {
- role: ipr-cnrs.nftables - role: ipr-cnrs.nftables
``` ```
* Override some of the default defined sets:
``` yml
- hosts: serverXYZ
vars:
- nft_define:
input tcp accepted:
desc: Custom SSH port and torrent
name: in_tcp_accept
value: '{ 2201, 6881 }'
input udp accepted:
desc: torrent
name: in_udp_accept
value: '{ 6881 }'
roles:
- role: ipr-cnrs.nftables
```
* Use default rules with allow incoming ICMP and count dropped input packets: * Use default rules with allow incoming ICMP and count dropped input packets:
`group_vars/first_group`: `group_vars/first_group`: