Browse Source

Add firewall state

Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
Maximilian Wilhelm 3 years ago
parent
commit
847fa1fc42
1 changed files with 33 additions and 0 deletions
  1. 33 0
      firewall/init.sls

+ 33 - 0
firewall/init.sls

@@ -0,0 +1,33 @@
+#
+# Netfiler stuff
+#
+
+/etc/modules-load.d/netfilter:
+  file.managed:
+    - source: salt://firewall/modules
+
+
+iptables-persistent:
+  pkg.installed
+
+iptables-restore:
+  cmd.wait:
+    - name: /sbin/iptables-restore < /etc/iptables/rules.v4
+    - watch:
+      - file: /etc/iptables/rules.v4
+
+ip6tables-restore:
+  cmd.wait:
+    - name: /sbin/ip6tables-restore < /etc/iptables/rules.v6
+    - watch:
+      - file: /etc/iptables/rules.v6
+
+/etc/iptables/rules.v4:
+  file.managed:
+    - source: salt://firewall/rules.v4.tmpl
+    - template: jinja
+
+/etc/iptables/rules.v6:
+  file.managed:
+    - source: salt://firewall/rules.v6.tmpl
+    - template: jinja