Vladimir Timofeenko
97044bc28f
Added default variables for Gentoo
...
Gentoo package name for nftables is 'net-firewall/nftables'
2021-08-06 16:20:49 -07:00
Jeremy Gardais
adc627ebc0
Merge remote-tracking branch 'github/add_molecule'
2021-08-06 16:09:20 +02:00
Paweł Krawczyk
564038c06e
Add Molecule test scenario
2021-08-06 10:28:16 +01:00
Paweł Krawczyk
eafc04a360
Version should be string (ansible-lint)
2021-08-06 10:27:44 +01:00
Jeremy Gardais
0cb79c2a47
Update CHANGELOG.md
2021-03-12 10:32:25 +01:00
Jeremy Gardais
a71b9c3a62
Merge branch 'p-rintz-backup_toggle'
2021-03-12 10:23:30 +01:00
Jeremy Gardais
7639f2bbbf
Merge branch 'backup_toggle' of https://github.com/p-rintz/nftables into p-rintz-backup_toggle
2021-03-12 09:54:06 +01:00
Jeremy Gardais
f7dffda808
Merge branch 'p-rintz-feature_forwarding'
2021-03-12 09:42:10 +01:00
Philipp Rintz
ab5c105419
Make config backup configurable by using nft_backup_conf variable.
2021-03-12 09:28:45 +01:00
Jeremy Gardais
60b7d49555
Merge branch 'feature_forwarding' of https://github.com/p-rintz/nftables into p-rintz-feature_forwarding
2021-03-09 18:02:31 +01:00
Jeremy Gardais
db3fbdc9b4
New examples usecases (mostly for playbooks)
2021-03-09 17:55:55 +01:00
Jeremy Gardais
9eff3cd1d0
Remove everything related to in_udp_accept
...
See conversation in PR #13 (summary : cause it was empty by
default and the role currently doesn't manage it well)
2021-03-04 10:36:17 +01:00
Philipp Rintz
51d768539f
Add forward chain variables to README.md
2021-03-03 13:57:36 +01:00
Philipp Rintz
e0658c0661
Added the option to manage the forwarding firewall table.
2021-03-03 13:57:36 +01:00
Philipp Rintz
3be5c95180
Add nft_custom_includes option for optional includes in the main filter table.
2021-03-03 13:57:36 +01:00
Jeremy Gardais
4576ec6ed4
Ansible-lint: Fix line longer than 160 chars
2021-01-05 15:58:43 +01:00
Jeremy Gardais
e9a83261fa
Release v1.7.0
2021-01-04 16:53:16 +01:00
Jeremy Gardais
0df963cd86
Merge branch 'p-rintz-master'
2021-01-04 15:23:43 +01:00
Philipp Rintz
639a9f7109
Fix formatting mistake in defaults/main.yml
2020-12-30 17:23:18 +01:00
Philipp Rintz
19ee0ed2bc
Change variable names + add debug toggle.
2020-12-30 17:15:14 +01:00
Philipp Rintz
b3e26a435e
Allow for undefined group variables for merged_groups.
2020-12-01 16:17:01 +01:00
Philipp Rintz
3d5edb45b9
Add additional variables to README
2020-11-29 15:36:26 +01:00
Philipp Rintz
65d7414785
Added merged_groups info to README.
2020-11-29 15:29:22 +01:00
Philipp Rintz
2b61973d1c
Fix error when variables were empty
2020-11-11 15:27:08 +01:00
Philipp Rintz
290a86e906
Support merged firewall rules for multiple groups per host.
...
- Multiple groups for a single server will now lead to all firewall
rules being merged instead of overwritten.
2020-11-10 21:17:11 +01:00
Jeremy Gardais
6e1c48ee99
Use var to include defines.nft file − Fix #9
2020-06-02 09:22:17 +02:00
Jeremy Gardais
b8d55b5822
Merge branch 'aardbol-patch-4'
2020-06-02 09:15:09 +02:00
Leonardo
f6c6df3dc6
added missing icmpv6 output rule
2020-06-02 09:11:51 +02:00
Jeremy Gardais
472badee55
Merge branch 'aardbol-patch-3'
2020-06-02 09:02:57 +02:00
Leonardo
1f91776374
Another playbook example
...
It was hard for me to learn how to use the role and override the default rules. Therefore I want to contribute another example
2020-06-02 09:01:54 +02:00
Jeremy Gardais
1fe24f01e4
Merge branch 'aardbol-patch-1' - input ICMPv6
2020-06-02 08:35:38 +02:00
Leonardo
15c0bf1625
Allow icmp(v6)
...
Allow pings and icmp traffic for both ipv4 and ipv6
2020-05-24 09:51:27 +02:00
Jeremy Gardais
88348aedab
New v1.6.0 release
2020-04-21 09:57:55 +02:00
Jeremy Gardais
221de0cc89
Reload nftables service to apply new rules
...
Fix #3 Github
2020-04-21 09:53:57 +02:00
Jeremy Gardais
72551575df
Fix the 10 minutes delay at first run ( fix #1 )!
2020-04-21 08:40:31 +02:00
Jeremy Gardais
74b864e2cb
Block ipv6 multicast by default
2020-04-21 08:31:51 +02:00
Jeremy Gardais
8f36904af7
Add libiptc0 to the list of old package to remove
...
libiptc0 is an iptables dependency.
2019-05-31 20:02:19 +02:00
Jeremy Gardais
5dee91df3e
Turn nft_old_pkg_list into a list as expected
2019-05-31 15:28:45 +02:00
Jeremy Gardais
dddc46282d
Merge branch 'JulienVdG-ansible-2-7-deprecation-fix'
2019-05-09 13:53:27 +02:00
Julien Viard de Galbert
5394cedc2a
Fix deprecation warning with ansible 2.7
...
[DEPRECATION WARNING]: Invoking "apt" only once while using a loop via
squash_actions is deprecated. Instead of using a loop to supply multiple
items and specifying `name: "{{ item }}"`, please use
`name: ['{{ nft_old_pkg_list }}']` and remove the loop.
This feature will be removed in version 2.11.
Signed-off-by: Julien Viard de Galbert <julien@vdg.name>
2019-05-07 00:00:48 +02:00
Jeremy Gardais
7750b03e26
Include set definitions in nat table
2019-04-16 18:57:31 +02:00
Jeremy Gardais
bcc3fc6f85
Manage a NAT table with pre and postrouting chains
2019-04-16 16:11:02 +02:00
Jeremy Gardais
095e03f1b2
Include Nat rules files in main configuration
2019-04-16 15:59:08 +02:00
Jeremy Gardais
63b3bb2c13
Generate Nat table rules files
2019-04-16 15:48:30 +02:00
Jeremy Gardais
b77d492da2
Order and clean comments in defaults/main.yml file
2019-04-16 15:21:48 +02:00
Jeremy Gardais
a5199dc0f2
Clean tasks name and comments in tasks/main.yml file
2019-04-16 14:10:11 +02:00
Jeremy Gardais
4047d64c76
Add a variable to manage custom content (table, include,…)
2019-04-16 11:50:30 +02:00
Jeremy Gardais
b0da91bb73
Improve vars description/comments in default/main
2019-04-15 15:29:48 +02:00
Jeremy Gardais
83675dfe48
Allow to disable "Protect" in systemd unit
2019-03-15 11:13:26 +01:00
Jeremy Gardais
7ace36ed6e
Fix E405 Remote package tasks should have a retry
2019-02-27 13:31:25 +01:00