dani/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
44ee2cb941
ansible-roles/roles/samba/tasks/iptables.yml
Daniel Berteaud 4c4556c660 Update to 2021-12-01 19:13
2021-12-01 19:13:34 +01:00

28 lines
1.5 KiB
YAML
Raw Blame History

---
- name: Handle DNS ports
iptables_raw:
name: samba_dns_ports
state: "{{ (samba_dns_src_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ samba_dns_ports | join(',') }} -s {{ samba_dns_src_ip | join(',') }} -j ACCEPT\n
-A INPUT -m state --state NEW -p udp -m multiport --dports {{ samba_dns_ports | join(',') }} -s {{ samba_dns_src_ip | join(',') }} -j ACCEPT"
when: samba_role == 'dc' or samba_role == 'rodc'
tags: samba,firewall
- name: Handle DC services ports
iptables_raw:
name: samba_dc_ports
state: "{{ (samba_dc_src_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ samba_dc_tcp_ports | join(',') }} -s {{ samba_dc_src_ip | join(',') }} -j ACCEPT\n
-A INPUT -m state --state NEW -p udp -m multiport --dports {{ samba_dc_udp_ports | join(',') }} -s {{ samba_dc_src_ip | join(',') }} -j ACCEPT"
when: samba_role == 'dc' or samba_role == 'rodc'
tags: samba,firewall
- name: Handle other ports
iptables_raw:
name: samba_file_ports
state: "{{ (samba_file_src_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ samba_file_tcp_ports | join(',') }} -s {{ samba_file_src_ip | join(',') }} -j ACCEPT\n
-A INPUT -m state --state NEW -p udp -m multiport --dports {{ samba_file_udp_ports | join(',') }} -s {{ samba_file_src_ip | join(',') }} -j ACCEPT"
tags: samba,firewall
Reference in New Issue View Git Blame Copy Permalink