|
@@ -0,0 +1,33 @@
|
|
|
+#
|
|
|
+# Netfiler stuff
|
|
|
+#
|
|
|
+
|
|
|
+/etc/modules-load.d/netfilter:
|
|
|
+ file.managed:
|
|
|
+ - source: salt://firewall/modules
|
|
|
+
|
|
|
+
|
|
|
+iptables-persistent:
|
|
|
+ pkg.installed
|
|
|
+
|
|
|
+iptables-restore:
|
|
|
+ cmd.wait:
|
|
|
+ - name: /sbin/iptables-restore < /etc/iptables/rules.v4
|
|
|
+ - watch:
|
|
|
+ - file: /etc/iptables/rules.v4
|
|
|
+
|
|
|
+ip6tables-restore:
|
|
|
+ cmd.wait:
|
|
|
+ - name: /sbin/ip6tables-restore < /etc/iptables/rules.v6
|
|
|
+ - watch:
|
|
|
+ - file: /etc/iptables/rules.v6
|
|
|
+
|
|
|
+/etc/iptables/rules.v4:
|
|
|
+ file.managed:
|
|
|
+ - source: salt://firewall/rules.v4.tmpl
|
|
|
+ - template: jinja
|
|
|
+
|
|
|
+/etc/iptables/rules.v6:
|
|
|
+ file.managed:
|
|
|
+ - source: salt://firewall/rules.v6.tmpl
|
|
|
+ - template: jinja
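Review bot: The `file.managed` states for `/etc/iptables/rules.v4` and `/etc/iptables/rules.v6` write the rendered Jinja output to disk without validating it, and the two `cmd.wait` states then load whatever was written. A template that renders badly would leave a rules file that fails to load at the next boot, which presumably leaves the host without its filter policy. Adding `- check_cmd: /sbin/iptables-restore --test` to the v4 file state (and the `ip6tables-restore` equivalent to v6) would reject a broken file before it replaces the good one, assuming the installed version accepts a file argument. Both rules files also get default ownership and mode, so `- user: root`, `- group: root` and `- mode: '0600'` are worth stating explicitly. Separately, `/etc/modules-load.d/netfilter` has no `.conf` suffix, which systemd-modules-load requires, so the module list would likely be ignored on systemd hosts.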
|