/srv/pillar/iptables_rules.sls

a guest
Jul 18th, 2013
################################################### cat /srv/pillar/iptables_rules.sls
iptables:
{% if 'webserver' in grains['roles'] %}
  # List of TCP ports to open for all:
  accept_tcp_ports:
    - 22
    - 80
    - 443
  # List of TCP ports to open for specific sources:
  accept_tcp_from:
    - port: 4505
      source:
        - {{ grains['master'] }}
    - port: 4506
      source:
        - {{ grains['master'] }}
  # List of TCP ports to rate-limit:
  limit_tcp_ports:
    - 22
{% else %}
  # DEFAULT
  # List of TCP ports to open for all:
  accept_tcp_ports:
    - 22
  # List of TCP ports to open for specific sources:
  accept_tcp_from:
    - port: 4505
      source:
        - {{ grains['master'] }}
    - port: 4506
      source:
        - {{ grains['master'] }}
  # List of TCP ports to rate-limit:
  limit_tcp_ports:
    - 22
{% endif %}