CDIST-TYPE__IPTABLES_RULE(7) - Linux man page online | Overview, conventions, and miscellany
Deploy iptable rulesets.
Chapter
Dec 18, 2016
CDIST-TYPE__IPTABLES_RULE(7) cdist CDIST-TYPE__IPTABLES_RULE(7)
4.4.1 Dec 18, 2016 CDIST-TYPE__IPTABLES_RULE(7)
NAME
cdist-type__iptables_rule - Deploy iptable rulesetsDESCRIPTION
This cdist type allows you to manage iptable rules in a distribution independent manner.REQUIRED PARAMETERS
rule The rule to apply. Essentially an iptables command line without iptables in front of it.OPTIONAL PARAMETERS
state 'present' or 'absent', defaults to 'present'EXAMPLES
# Deploy some policies __iptables_rule policy-in --rule "-P INPUT DROP" __iptables_rule policy-out --rule "-P OUTPUT ACCEPT" __iptables_rule policy-fwd --rule "-P FORWARD DROP" # The usual established rule __iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCE ↲ PT" # Some service rules __iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT" __iptables_rule ssh --rule "-A INPUT -p tcp --dport 22 -j ACCEPT" __iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT" # Ensure some rules are not present anymore __iptables_rule munin --rule "-A INPUT -p tcp --dport 4949 -j ACCEPT" \ --state absentSEE ALSO
cdist-type__iptables_apply(7), iptables(8)AUTHORS
Nico Schottelius <nico-cdist--@--schottelius.org>COPYING
Copyright (C) 2013 Nico Schottelius. You can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.This manual | Reference | Other manuals |
---|---|---|
cdist-type__iptables_rule(7) | referred by | cdist-type__firewalld_rule(7) | cdist-type__iptables_apply(7) |
refer to | cdist-type__iptables_apply(7) | iptables(8) |