Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / iptables / c64117f0638a909ba79c4d45c8571d089afc5dfe / . / tests / pillar / iptables.sls
blob: 58b3e3e4400ae95ede4f07816f32cb9bf2b83984 [file] [log] [blame]
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]1iptables:
2 schema:
3 epoch: 1
4 service:
5 v4:
6 enabled: true
7 modules:
8 - nf_conntrack_ftp
9 - nf_conntrack_pptp
10 v6:
11 enabled: false
12 modules:
13 - nf_conntrack_ipv6
14 defaults:
15 v4:
16 metadata_rules: false
17 policy: ACCEPT
18 ruleset:
19 action: ACCEPT
20 params: ""
21 rule: ""
22 v6:
23 metadata_rules: false
Dzmitry Stremkouskia5871a62018-11-07 23:04:36 +0100[diff] [blame]24 policy: ACCEPT
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]25 ruleset:
26 action: ACCEPT
27 params: ""
28 rule: ""
29 tables:
30 v4:
31 filter:
32 chains:
Dzmitry Stremkouskia5871a62018-11-07 23:04:36 +0100[diff] [blame]33 FORWARD:
34 policy: DROP
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]35 INPUT:
36 ruleset:
37 5:
38 action: log_drop
39 10:
40 rule: -s 192.168.0.0/24 -p tcp
41 log_drop:
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]42 ruleset:
43 10:
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]44 action: LOG
45 nat:
46 chains:
Dzmitry Stremkouski1ca901c2018-11-05 13:20:52 +0100[diff] [blame]47 OUTPUT: {}
48 PREROUTING: {}
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]49 POSTROUTING:
50 policy: ACCEPT
51 ruleset:
52 10:
53 rule: -s 192.168.0.0/24 -p tcp -o lo
54 action: SNAT
55 params: --to-source=127.0.0.1
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]56 v6:
57 filter:
58 chains:
59 INPUT:
60 ruleset:
61 5:
62 action: log_drop
63 10:
64 rule: -s 200A:0:200C::1/64 -p tcp
65 log_drop:
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]66 ruleset:
67 10:
Dzmitry Stremkouskie353ce32018-08-30 17:22:32 +0200[diff] [blame]68 action: LOG