92 lines
2.1 KiB
Plaintext
92 lines
2.1 KiB
Plaintext
---
|
|
iptables-service-config-1:
|
|
file.managed:
|
|
- name: /etc/systemd/system/iptables.service
|
|
- source: salt://firewall/iptables.service.j2
|
|
- template: jinja
|
|
- watch_in:
|
|
cmd: iptables-reload-systemd
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
|
|
iptables-service-config-2:
|
|
file.managed:
|
|
- name: /lib/systemd/system/iptables.service
|
|
- source: salt://firewall/iptables.service.j2
|
|
- template: jinja
|
|
- watch_in:
|
|
cmd: iptables-reload-systemd
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
|
|
iptables-reload-systemd:
|
|
cmd.run:
|
|
- name: systemctl daemon-reload
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
|
|
iptables-service-script:
|
|
file.managed:
|
|
- name: /sbin/iptables-service
|
|
- source: salt://firewall/iptables-service.j2
|
|
- template: jinja
|
|
- user: root
|
|
- group: root
|
|
- mode: 0755
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
|
|
iptables-config-dir:
|
|
file.directory:
|
|
- name: /etc/iptables
|
|
|
|
iptables-main-config:
|
|
file.managed:
|
|
- name: /etc/iptables/iptables.conf
|
|
- source: salt://firewall/iptables.conf.j2
|
|
- template: jinja
|
|
- watch_in:
|
|
- service: iptables-service
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
- file: iptables-config-dir
|
|
|
|
iptables-reset-config:
|
|
file.managed:
|
|
- name: /etc/iptables/iptables.reset.conf
|
|
- source: salt://firewall/iptables.conf.reset.j2
|
|
- template: jinja
|
|
- watch_in:
|
|
- service: iptables-service
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
- file: iptables-config-dir
|
|
|
|
ip6tables-main-config:
|
|
file.managed:
|
|
- name: /etc/iptables/ip6tables.conf
|
|
- source: salt://firewall/ip6tables.conf.j2
|
|
- template: jinja
|
|
- watch_in:
|
|
- service: iptables-service
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
- file: iptables-config-dir
|
|
|
|
ip6tables-reset-config:
|
|
file.managed:
|
|
- name: /etc/iptables/ip6tables.reset.conf
|
|
- source: salt://firewall/ip6tables.conf.reset.j2
|
|
- template: jinja
|
|
- watch_in:
|
|
- service: iptables-service
|
|
- require:
|
|
- pkg: iptables-pkg
|
|
- file: iptables-config-dir
|
|
|
|
iptables-service:
|
|
service.running:
|
|
- name: iptables
|
|
- enable: true
|
|
- require:
|
|
- pkg: iptables-pkg |