Use simpler file structure
This commit is contained in:
parent
3bca1176a4
commit
7f6381b33c
17 changed files with 152 additions and 122 deletions
19
templates/nftables.j2
Normal file
19
templates/nftables.j2
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
# vim:set ts=2 sw=2 et:
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter {
|
||||
chain input {
|
||||
type filter hook input priority 0; policy drop;
|
||||
|
||||
# accept any localhost traffic
|
||||
iif lo accept
|
||||
|
||||
# accept traffic originated from us
|
||||
ct state { established, related } accept
|
||||
|
||||
tcp dport { 22, 80, 443 } accept
|
||||
}
|
||||
}
|
||||
Reference in a new issue