Allow to prepend iptables rules for both IPv4 and IPv6

This commit is contained in:
Alex Kotov 2021-09-15 03:36:13 +05:00
parent 45a9ad69f1
commit 77ec14c284
Signed by: kotovalexarian
GPG key ID: 553C0EBBEB5D5F08
3 changed files with 10 additions and 2 deletions

View file

@ -2,9 +2,13 @@
iptables__state: install iptables__state: install
iptables__drop_by_default: false iptables__drop_by_default: false
iptables__allow_output_ifaces: [] iptables__allow_output_ifaces: []
iptables__v4_filter_prepend: null iptables__v4_filter_prepend: null
iptables__v4_filter_append: null
iptables__v4_nat: null
iptables__v6_filter_prepend: null iptables__v6_filter_prepend: null
iptables__all_filter_prepend: null
iptables__v4_filter_append: null
iptables__v6_filter_append: null iptables__v6_filter_append: null
iptables__v4_nat: null
iptables__v6_nat: null iptables__v6_nat: null

View file

@ -31,6 +31,8 @@ COMMIT
{{ iptables__v4_filter_prepend }} {{ iptables__v4_filter_prepend }}
{{ iptables__all_filter_prepend }}
# Allow all loopback (lo) traffic and reject anything # Allow all loopback (lo) traffic and reject anything
# to localhost that does not originate from lo. # to localhost that does not originate from lo.
-A INPUT -i lo -j ACCEPT -A INPUT -i lo -j ACCEPT

View file

@ -31,6 +31,8 @@ COMMIT
{{ iptables__v6_filter_prepend }} {{ iptables__v6_filter_prepend }}
{{ iptables__all_filter_prepend }}
# Allow all loopback (lo) traffic and reject anything # Allow all loopback (lo) traffic and reject anything
# to localhost that does not originate from lo. # to localhost that does not originate from lo.
-A INPUT -i lo -j ACCEPT -A INPUT -i lo -j ACCEPT