initial version of pf module
parent
107f5d32ac
commit
332b433971
4 changed files with 53 additions and 0 deletions
22
roles/pf/templates/pf.conf.j2
Normal file
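--- a/roles/pf/templates/pf.conf.j2
+++ b/roles/pf/templates/pf.conf.j2
@@ -0,0 +1,22 @@
+set block-policy return
+set skip on lo0
+
+block in
+pass out
+
+pass in quick proto icmp
+pass in quick proto icmp6
+
+{% for rule in firewall_raw %}
+{{ rule }}
+{% endfor %}
+{% for rule in firewall_in %}
+{% if rule.from is defined %}
+{% for from in rule.from | ipaddr %}
+pass in quick proto {{ rule.proto }} from {{ from }} to port {{ rule.port }}
+{% endfor %}
+{% else %}
+pass in quick proto {{ rule.proto }} to port {{ rule.port }}
+{% endif %}
+{% endfor %}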
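Review bot: Rule order makes `firewall_raw` weaker than it looks, because its rules are emitted after the two `pass in quick proto icmp`/`icmp6` lines and before the generated `pass in quick` rules. pf lets the last matching rule win unless a rule is `quick`, so a raw `block in ...` without `quick` is overridden by any later generated pass that matches, and no raw rule can restrict ICMP at all. I would document this above the loop, e.g. `{# firewall_raw: block rules need "quick" to take precedence over the pass rules generated below #}`, and consider limiting the ICMP passes to the types the hosts actually need. Separately, `rule.from | ipaddr` appears to assume a list: with a single string the filter returns a string (or false), so the inner loop would iterate characters or fail, and invalid list entries are dropped silently; a `{# rule.from must be a list of addresses/CIDRs #}` note or an explicit check would make that contract visible.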