Add an example playbook.

This commit is contained in:
Jeremy Gardais 2017-08-07 17:59:21 +02:00
parent 2611dce9d9
commit 4fdf3232c3
1 changed files with 18 additions and 0 deletions

View File

@ -123,6 +123,24 @@ table inet firewall {
- role: ipr-cnrs.nftables
```
* Use default rules with allow ICMP and count dropped input packets:
`group_vars/all`:
``` yaml
nft_global_group_rules:
002 icmp:
- ip protocol icmp accept
```
`group_vars/first_group`:
``` yaml
nft_input_group_rules:
999 count policy packet:
- counter
```
## Configuration
This role will: