eriol
/
ansible-collection-kit
1
0
Fork 0
Code Releases Activity

Add README for nftables

This commit is contained in:
Daniele Tricoli 2020-10-30 03:22:55 +01:00
parent 8ad9cbe1df
commit 7658406ab9
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
roles/nftables/README.md Normal file
View File

@ -0,0 +1,28 @@
# nftables
Installs and configures nftables.
## Role variables
* `nftables_become` - Default: true. Enable/disable the Ansible become
functionality.
* `nftables_become_user` - Default: root. When using become functionality for
privilege escalation, this is the user with desired privileges you become.
* `nftables_input_policy` - Default: drop. Policy of input chain.
* `nftables_forward_policy` - Default: drop. Policy of forward chain.
* `nftables_output_policy` - Default: drop. Policy of output chain.
* `nftables_input_rules` - Default: []. List of input rules.
* `nftables_forward_rules` - Default: []. List of forward rules.
* `nftables_output_rules` - Default: []. List of output rules.
## Example playbook
```yaml
- hosts: my-server
vars:
nftables_output_policy: accept
nftables_input_rules:
- tcp dport ssh ct state new limit rate 15/minute accept
roles:
- eriol.kit.nftables
```