ansible/roles/nftables/templates/nftables.conf.j2


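{#
  Full nftables ruleset rendered from two role variables: nftables__vars
  (name -> value, emitted as `define` lines) and nftables__tables (table name
  -> type plus optional sets and chains).

  Every value is written into the ruleset verbatim, with no quoting or
  validation, so these variables are ruleset source and need the same review
  as the firewall itself. NOTE(review): the task that deploys this file is not
  visible here; if it does not already do so, have it syntax-check the result
  before installing it (template module `validate: nft -c -f %s`).
#}
{{ ansible_managed | comment }}
{# The flush sits in the same file as the new rules, so `nft -f` applies both as one transaction. #}
flush ruleset
{# Any non-string iterable is joined into a brace-enclosed, comma-separated list; everything else is emitted as-is. #}
{% for var_name, var_value in nftables__vars.items() %}
{% if var_value is iterable and var_value is not string %}
define {{ var_name }} = { {{ var_value | join(", ") }} }
{% else %}
define {{ var_name }} = {{ var_value }}
{% endif %}
{% endfor %}
{% for table_name, table in nftables__tables.items() %}
table {{ table.type }} {{ table_name }} {
{% if table.sets is defined %}
{% for set_name, set_def in table.sets.items() %}
set {{ set_name }} {
type {{ set_def.type }}
{# Empty lists are skipped: they would otherwise render `flags` with no value or `elements = { }`, which nft is liable to reject. #}
{% if set_def.flags is defined and set_def.flags %}
flags {{ set_def.flags | join(", ") }}
{% endif %}
{% if set_def.elements is defined and set_def.elements %}
elements = { {{ set_def.elements | join(", ") }} }
{% endif %}
}
{% endfor %}
{% endif %}
{% if table.chains is defined %}
{% for chain_name, chain in table.chains.items() %}
chain {{ chain_name }} {
{# Only chains that declare a hook get type/priority/policy; the others are regular chains reached by jump/goto. #}
{% if chain.hook is defined %}
type {{ chain.type }} hook {{ chain.hook }} priority {{ chain.priority }}
policy {{ chain.policy }}
{% endif %}
{# No default for chain.rules: a chain without a `rules` key stops the render (Ansible normally errors on undefined values) instead of silently producing an empty chain. #}
{% for rule in chain.rules %}
{{ rule | indent }}
{% endfor %}
}
{% endfor %}
{% endif %}
}
{% endfor %}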