Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ################################################### cat /srv/pillar/iptables_rules.sls
- iptables:
- {% if 'webserver' in grains['roles'] %}
- # List of TCP ports to open for all:
- accept_tcp_ports:
- - 22
- - 80
- - 443
- # List of TCP ports to open for specific sources:
- accept_tcp_from:
- - port: 4505
- source:
- - {{ grains['master'] }}
- - port: 4506
- source:
- - {{ grains['master'] }}
- # List of TCP ports to rate-limit:
- limit_tcp_ports:
- - 22
- {% else %}
- # DEFAULT
- # List of TCP ports to open for all:
- accept_tcp_ports:
- - 22
- # List of TCP ports to open for specific sources:
- accept_tcp_from:
- - port: 4505
- source:
- - {{ grains['master'] }}
- - port: 4506
- source:
- - {{ grains['master'] }}
- # List of TCP ports to rate-limit:
- limit_tcp_ports:
- - 22
- {% endif %}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement