ansible-collection-kit/roles/nftables

nftables

Installs and configures nftables.

Role variables

  • nftables_become - Default: true. Enable/disable the Ansible become functionality.
  • nftables_become_user - Default: root. The user to become when become is used for privilege escalation.
  • nftables_input_policy - Default: drop. Policy of input chain.
  • nftables_forward_policy - Default: drop. Policy of forward chain.
  • nftables_output_policy - Default: drop. Policy of output chain.
  • nftables_nat_prerouting_rules - Default: []. List of NAT prerouting rules.
  • nftables_input_rules - Default: []. List of input rules.
  • nftables_forward_rules - Default: []. List of forward rules.
  • nftables_output_rules - Default: []. List of output rules.

Example playbook

- hosts: my-server
  vars:
    nftables_output_policy: accept
    nftables_nat_prerouting_rules:
      - tcp dport 25 redirect to :2525
      - tcp dport 587 redirect to :2587
      - tcp dport 993 redirect to :9993
    nftables_input_rules:
      - tcp dport ssh ct state new limit rate 15/minute accept
  roles:
    - eriol.kit.nftables
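
An added example, not part of the role's own README: in netfilter the NAT prerouting hook runs before the filter input hook, so the input chain sees redirected packets with their new destination port. Assuming the role's templates attach the chains to the standard hooks and do not already accept these ports, the default drop input policy also needs accept rules for the redirect targets of the playbook above:

```yaml
- hosts: my-server
  vars:
    nftables_output_policy: accept
    nftables_nat_prerouting_rules:
      - tcp dport 25 redirect to :2525
      - tcp dport 587 redirect to :2587
      - tcp dport 993 redirect to :9993
    nftables_input_rules:
      - tcp dport ssh ct state new limit rate 15/minute accept
      # Added for illustration: the input chain matches the port after the
      # redirect (2525, 2587, 9993), not the original 25, 587 and 993.
      - "tcp dport { 2525, 2587, 9993 } accept"
  roles:
    - eriol.kit.nftables
```

After applying the role, `nft list ruleset` on the host shows the chains as loaded, which confirms whether the accept rule sits in the input chain as expected.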