Jeremy Gardais
28cf15ee42
Manage Fail2ban in the "systemd way"
...
Thanks to @FinweVI !
Rebase after Gentoo related commits
2021-08-13 11:48:27 +02:00
Vladimir Timofeenko
a442b8f637
Added ability to specify nft bin location
...
Gentoo installs nft binary into /sbin/nft in accordance with the
filesystem spec:
https://devmanual.gentoo.org/general-concepts/filesystem/
This commit adds the ability to specify the location of nft binary
through variable nft__bin_location.
By default it is set to "/usr/sbin/nft".
2021-08-11 08:50:37 -07:00
Philipp Rintz
e0658c0661
Added the option to manage the forwarding firewall table.
2021-03-03 13:57:36 +01:00
Philipp Rintz
3be5c95180
Add nft_custom_includes option for optional includes in the main filter table.
2021-03-03 13:57:36 +01:00
Philipp Rintz
19ee0ed2bc
Change variable names + add debug toggle.
2020-12-30 17:15:14 +01:00
Philipp Rintz
290a86e906
Support merged firewall rules for multiple groups per host.
...
- Multiple groups for a single server will now lead to all firewall
rules being merged instead of overwritten.
2020-11-10 21:17:11 +01:00
Jeremy Gardais
6e1c48ee99
Use var to include defines.nft file − Fix #9
2020-06-02 09:22:17 +02:00
Jeremy Gardais
7750b03e26
Include set definitions in nat table
2019-04-16 18:57:31 +02:00
Jeremy Gardais
095e03f1b2
Include Nat rules files in main configuration
2019-04-16 15:59:08 +02:00
Jeremy Gardais
63b3bb2c13
Generate Nat table rules files
2019-04-16 15:48:30 +02:00
Jeremy Gardais
4047d64c76
Add a variable to manage custom content (table, include,…)
2019-04-16 11:50:30 +02:00
Jeremy Gardais
83675dfe48
Allow to disable "Protect" in systemd unit
2019-03-15 11:13:26 +01:00
Jeremy Gardais
f47be2bebe
Add possibility to restart Fail2ban service
2018-08-07 11:03:29 +02:00
Jeremy Gardais
1c3d0284d5
Add a additionnal level for all vars for all hosts
...
It can be defined in group_vars/all .
2018-08-06 15:09:20 +02:00
Jeremy Gardais
eb93ff65f9
Provide the systemd unit.
2018-02-06 17:17:48 +01:00
Jeremy Gardais
3e69865a56
Rename firewall table to filter table (most use on Debian).
2018-02-06 15:50:31 +01:00
Jeremy Gardais
74d068a92c
Rollback to inet family (for ipv4 and ipv6).
2017-08-09 15:01:35 +02:00
Jeremy Gardais
6b6a3a1794
Use 'ip' family as default for the firewall table.
2017-08-09 11:18:49 +02:00
Jeremy Gardais
c711ec53eb
Move output rules to a specific file.
2017-08-08 15:35:05 +02:00
Jeremy Gardais
043bc55dcb
Manage sets and maps definitions in a specific file.
2017-08-08 14:32:59 +02:00
Jeremy Gardais
983e77df5d
Rename nft_input_conf file.
2017-08-08 13:42:44 +02:00
Jeremy Gardais
f1d2f6582f
Add possibility to have nftables vars.
2017-08-08 12:11:58 +02:00
Jeremy Gardais
2611dce9d9
Manage input rule with dict.
2017-08-07 17:50:11 +02:00
Jeremy Gardais
5ff44ffcfa
Move input rules to a specific file.
2017-08-07 17:37:41 +02:00
Jeremy Gardais
98d2bf82db
Add dict to manage global config rules.
2017-08-07 17:07:35 +02:00
Jeremy Gardais
bc6f69fc59
Generate main configuration file.
2017-08-07 13:48:54 +02:00