Skip to content
This repository has been archived by the owner on Aug 20, 2024. It is now read-only.

Ansible role which installs and configures shorewall and shorewall6.

License

Notifications You must be signed in to change notification settings

SphericalElephant/ansible-shorewall

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Shorewall

Ansible role which installs and configures shorewall and shorewall6.

Role Variables

shorewall: True
shorewall6: False

shorewall_interfaces:
  - { zone: net, interface: eth0, options: "dhcp,tcpflags,logmartians,nosmurfs,sourceroute=0" }

shorewall_policies:
  - { source: "$FW", dest: all, policy: ACCEPT }
  - { source: net, dest: all, policy: REJECT }
  - { source: all, dest: all, policy: REJECT, log_level: info }

shorewall_rules:
  - section: NEW
    rules:
    - { action: "Invalid(DROP)", source: net, dest: "$FW", proto: tcp }
    - { action: ACCEPT, source: net, dest: "$FW", proto: tcp, dest_port: ssh }
    - { action: ACCEPT, source: net, dest: "$FW", proto: icmp, dest_port: echo-request }

shorewall_zones:
  - { zone: fw, type: firewall }
  - { zone: net, type: ipv4 }

Example Playbook

- hosts: all
  roles:
     - SphericalElephant.shorewall

License

MIT

Author Information

  • Farhad Shahbazi
  • Sascha Biberhofer

About

Ansible role which installs and configures shorewall and shorewall6.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published