manala.shorewall
#######################################################################################################
:exclamation: DEPRECATION :exclamation:
This repository and the role associated are no longer supported. Please use the Manala Ansible Collection instead.
You can find instructions on how to use it in the collection repository.
#######################################################################################################
Ansible Role: Shorewall 
:exclamation: Report issues and send Pull Requests to the main Ansible Role repository :exclamation:
This role sets up Shorewall.
It is part of the Manala Ansible stack but can also be used separately.
Requirements
None.
Dependencies
None.
Installation
Ansible 2+
Using the ansible galaxy command line:
ansible-galaxy install manala.shorewall
Using an ansible galaxy requirements file:
- src: manala.shorewall
Role Handlers
| Name | Type | Description |
|---|---|---|
shorewall restart |
Service | Restart Shorewall |
Role Variables
| Name | Default | Type | Description |
|---|---|---|---|
manala_shorewall_install_packages |
~ | Array | Packages to install |
manala_shorewall_install_packages_default |
['shorewall'] | Array | Default packages to install |
manala_shorewall_config_file |
'/etc/shorewall/shorewall.conf' | String | Path to the main configuration file |
manala_shorewall_config |
{} | Array | Main configuration settings |
manala_shorewall_configs_exclusive |
false | Boolean | Exclude existing files for additional configurations |
manala_shorewall_configs_dir |
'/etc/shorewall' | String | Path for additional configuration files |
manala_shorewall_configs_defaults |
{} | Array | Defaults for additional configurations |
manala_shorewall_configs |
[] | Array | Additional configuration settings (zones, rules, interfaces,...) |
Configuration examples (See Shorewall documentation for more information)
manala_shorewall_config:
LOG_MARTIANS: "Yes"
IP_FORWARDING: "On"
manala_shorewall_configs:
# Content based
- file: policy
config: |
# FW to internet
fw all ACCEPT
# Default rule DROP
net all DROP info
dmz all DROP info
# Must be last
all all REJECT info
# Template based (file name based on template)
- template: policy.j2
config:
foo: bar
# Template based (force file name)
- file: policy
template: policy_foo.j2
config:
foo: bar
# Dicts array template based (deprecated)
- file: policy
config:
# FW to internet
- fw: all ACCEPT
# Default rule DROP
- net: all DROP info
- dmz: all DROP info
# Must be last
- all: all REJECT info
# Ensure config is absent
- file: policy
state: absent # "present" by default
# Ignore config
- file: policy
state: ignore
# Flatten configs
- "{{ my_custom_configs_array }}"
Example playbook
- hosts: servers
roles:
- role: manala.shorewall
License
MIT
Author information
Manala (http://www.manala.io/)
Installa
ansible-galaxy install manala.shorewallLicenza
Unknown
Download
1.9k
Proprietario
Manala is an open source project supported by the french web agency ELAO providing advanced ansible roles for website's infrastructures and far more.