Allow to prepend iptables rules for both IPv4 and IPv6
This commit is contained in:
parent
45a9ad69f1
commit
77ec14c284
3 changed files with 10 additions and 2 deletions
|
@ -2,9 +2,13 @@
|
||||||
iptables__state: install
|
iptables__state: install
|
||||||
iptables__drop_by_default: false
|
iptables__drop_by_default: false
|
||||||
iptables__allow_output_ifaces: []
|
iptables__allow_output_ifaces: []
|
||||||
|
|
||||||
iptables__v4_filter_prepend: null
|
iptables__v4_filter_prepend: null
|
||||||
iptables__v4_filter_append: null
|
|
||||||
iptables__v4_nat: null
|
|
||||||
iptables__v6_filter_prepend: null
|
iptables__v6_filter_prepend: null
|
||||||
|
iptables__all_filter_prepend: null
|
||||||
|
|
||||||
|
iptables__v4_filter_append: null
|
||||||
iptables__v6_filter_append: null
|
iptables__v6_filter_append: null
|
||||||
|
|
||||||
|
iptables__v4_nat: null
|
||||||
iptables__v6_nat: null
|
iptables__v6_nat: null
|
||||||
|
|
|
@ -31,6 +31,8 @@ COMMIT
|
||||||
|
|
||||||
{{ iptables__v4_filter_prepend }}
|
{{ iptables__v4_filter_prepend }}
|
||||||
|
|
||||||
|
{{ iptables__all_filter_prepend }}
|
||||||
|
|
||||||
# Allow all loopback (lo) traffic and reject anything
|
# Allow all loopback (lo) traffic and reject anything
|
||||||
# to localhost that does not originate from lo.
|
# to localhost that does not originate from lo.
|
||||||
-A INPUT -i lo -j ACCEPT
|
-A INPUT -i lo -j ACCEPT
|
||||||
|
|
|
@ -31,6 +31,8 @@ COMMIT
|
||||||
|
|
||||||
{{ iptables__v6_filter_prepend }}
|
{{ iptables__v6_filter_prepend }}
|
||||||
|
|
||||||
|
{{ iptables__all_filter_prepend }}
|
||||||
|
|
||||||
# Allow all loopback (lo) traffic and reject anything
|
# Allow all loopback (lo) traffic and reject anything
|
||||||
# to localhost that does not originate from lo.
|
# to localhost that does not originate from lo.
|
||||||
-A INPUT -i lo -j ACCEPT
|
-A INPUT -i lo -j ACCEPT
|
||||||
|
|
Loading…
Reference in a new issue