cellinfo
/
ansible.nftables
4
0
Fork 0
Code Issues Pull Requests Releases Activity

Allow outgoing OpenPGP HTTP requests.

This commit is contained in:
Jeremy Gardais 2017-08-11 13:46:50 +02:00
parent b831267b8e
commit 93e4a2e939
3 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -10,6 +10,7 @@
* Use more sets and vars definitions for input/output to avoid multiple rules. * Use more sets and vars definitions for input/output to avoid multiple rules.
* Allow outgoing icmp. * Allow outgoing icmp.
* Remove DHCP incoming packets. The connection is started by the host, don't need incoming rule. * Remove DHCP incoming packets. The connection is started by the host, don't need incoming rule.
* Allow outgoing OpenPGP HTTP requests.
## v1.0 ## v1.0

4
README.md
View File

@ -116,7 +116,7 @@ nft_define_default:
value: 'none' value: 'none'
output tcp accepted: output tcp accepted:
name: output_tcp_accept name: output_tcp_accept
value: '{ http, https }' value: '{ http, https, hkp }'
output udp accepted: output udp accepted:
name: output_udp_accept name: output_udp_accept
value: '{ bootps, domain, ntp }' value: '{ bootps, domain, ntp }'
@ -177,7 +177,7 @@ table inet firewall {
set output_tcp_accept { set output_tcp_accept {
type inet_service type inet_service
flags interval flags interval
elements = { http, https} elements = { http, https, hkp}
} }
set output_udp_accept { set output_udp_accept {

2
defaults/main.yml
View File

@ -71,7 +71,7 @@ nft_define_default:
value: 'none' value: 'none'
output tcp accepted: output tcp accepted:
name: output_tcp_accept name: output_tcp_accept
value: '{ http, https }' value: '{ http, https, hkp }'
output udp accepted: output udp accepted:
name: output_udp_accept name: output_udp_accept
value: '{ bootps, domain, ntp }' value: '{ bootps, domain, ntp }'