paulbsd-salt/states/iptables/iptables.sls
2021-08-19 21:15:24 +02:00


---
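# Install the iptables systemd unit at /etc/systemd/system/iptables.service,
# rendered from the firewall/iptables.service.j2 Jinja template. A change to
# the file notifies iptables-reload-systemd.
# NOTE(review): no user/group/mode is set, so ownership and permissions of
# this unit file are presumably not enforced by the state - consider pinning
# them, since the unit defines what the firewall service executes.
iptables-service-config-1:
  file.managed:
    - name: /etc/systemd/system/iptables.service
    - source: salt://firewall/iptables.service.j2
    - template: jinja
    # Written as a list of single-key mappings, the same form the
    # config-file states in this SLS use for watch_in.
    - watch_in:
      - cmd: iptables-reload-systemd
    - require:
      - pkg: iptables-pkg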
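# Install a second copy of the iptables systemd unit, this one at
# /lib/systemd/system/iptables.service, from the same Jinja template.
# systemd gives /etc/systemd/system precedence over /lib/systemd/system, so
# this copy only takes effect when the /etc one is absent.
# NOTE(review): no user/group/mode is set, so ownership and permissions of
# this unit file are presumably not enforced by the state - consider pinning
# them.
iptables-service-config-2:
  file.managed:
    - name: /lib/systemd/system/iptables.service
    - source: salt://firewall/iptables.service.j2
    - template: jinja
    # Written as a list of single-key mappings, the same form the
    # config-file states in this SLS use for watch_in.
    - watch_in:
      - cmd: iptables-reload-systemd
    - require:
      - pkg: iptables-pkg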
# Ask systemd to re-read its unit files. The two iptables.service states
# attach themselves to this command through watch_in.
# NOTE(review): there is no onchanges/unless guard, so this command
# presumably runs on every state apply, not only when a unit file changed -
# confirm that is intended.
iptables-reload-systemd:
  cmd.run:
    - require:
      - pkg: iptables-pkg
    - name: systemctl daemon-reload
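# Deploy the script rendered from firewall/iptables-service.j2 to
# /sbin/iptables-service as a root-owned executable.
iptables-service-script:
  file.managed:
    - name: /sbin/iptables-service
    - source: salt://firewall/iptables-service.j2
    - template: jinja
    - user: root
    - group: root
    # Quoted so the YAML loader keeps the mode as the string '0755' instead
    # of re-typing a bare leading-zero number as an integer.
    - mode: '0755'
    - require:
      - pkg: iptables-pkg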
# Ensure the /etc/iptables directory exists; the four *.conf states in this
# SLS require it.
# NOTE(review): no user/group/mode is given, so the directory's ownership
# and permissions are presumably not enforced here - consider pinning them,
# since whoever can write to this directory can replace the firewall rules.
iptables-config-dir:
  file.directory:
    - name: /etc/iptables
# Render /etc/iptables/iptables.conf from firewall/iptables.conf.j2 and
# signal iptables-service through watch_in whenever the file changes.
# NOTE(review): nothing here validates the rendered file before it replaces
# the live one and the service is notified; if the file format allows it, a
# check_cmd could reject a broken render - confirm against the template.
# NOTE(review): user/group/mode are not set on this file - consider pinning
# them.
iptables-main-config:
  file.managed:
    - name: /etc/iptables/iptables.conf
    - template: jinja
    - source: salt://firewall/iptables.conf.j2
    - require:
      - file: iptables-config-dir
      - pkg: iptables-pkg
    - watch_in:
      - service: iptables-service
# Render /etc/iptables/iptables.reset.conf from
# firewall/iptables.conf.reset.j2 and signal iptables-service through
# watch_in whenever the file changes.
# NOTE(review): user/group/mode are not set on this file - consider pinning
# them.
iptables-reset-config:
  file.managed:
    - name: /etc/iptables/iptables.reset.conf
    - template: jinja
    - source: salt://firewall/iptables.conf.reset.j2
    - require:
      - file: iptables-config-dir
      - pkg: iptables-pkg
    - watch_in:
      - service: iptables-service
# Render /etc/iptables/ip6tables.conf from firewall/ip6tables.conf.j2 and
# signal iptables-service through watch_in whenever the file changes.
# NOTE(review): user/group/mode are not set on this file - consider pinning
# them.
ip6tables-main-config:
  file.managed:
    - name: /etc/iptables/ip6tables.conf
    - template: jinja
    - source: salt://firewall/ip6tables.conf.j2
    - require:
      - file: iptables-config-dir
      - pkg: iptables-pkg
    - watch_in:
      - service: iptables-service
# Render /etc/iptables/ip6tables.reset.conf from
# firewall/ip6tables.conf.reset.j2 and signal iptables-service through
# watch_in whenever the file changes.
# NOTE(review): user/group/mode are not set on this file - consider pinning
# them.
ip6tables-reset-config:
  file.managed:
    - name: /etc/iptables/ip6tables.reset.conf
    - template: jinja
    - source: salt://firewall/ip6tables.conf.reset.j2
    - require:
      - file: iptables-config-dir
      - pkg: iptables-pkg
    - watch_in:
      - service: iptables-service
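# Keep the iptables service running and enabled at boot. The *.conf states
# in this SLS attach to it through watch_in.
iptables-service:
  service.running:
    - name: iptables
    - enable: true
    - require:
      - pkg: iptables-pkg
      # Depend explicitly on the unit file and the systemd reload deployed by
      # this SLS, so the service is not handled when either of them failed.
      - file: iptables-service-config-1
      - cmd: iptables-reload-systemd
      # NOTE(review): presumably the unit starts /sbin/iptables-service -
      # confirm against iptables.service.j2.
      - file: iptables-service-script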