jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-04-16 18:23:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
ansible-roles/roles/freepbx/tasks/iptables.yml
Daniel Berteaud 60c1fefb94 Update to 2022-02-24 10:00
2022-02-24 10:00:06 +01:00

33 lines
1.4 KiB
YAML
Raw Blame History

---
- name: Load iptables FTP helper
copy: content="nf_conntrack_ftp" dest=/etc/modules-load.d/freepbx.conf
notify: restart systemd-modules-load
tags: fpbx
- name: Handle FreePBX ports
iptables_raw:
name: "{{ item.name }}"
state: "{{ (item.src | length > 0 and (item.tcp_ports | length > 0 or item.udp_ports | length > 0)) | ternary('present','absent') }}"
rules: "{% if item.tcp_ports is defined and item.tcp_ports | length > 0 %}-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ item.tcp_ports | join(',') }} -s {{ item.src | join(',') }} -j ACCEPT\n{% endif %}
{% if item.udp_ports is defined and item.udp_ports | length > 0 %}-A INPUT -m state --state NEW -p udp -m multiport --dports {{ item.udp_ports | join(',') }} -s {{ item.src | join(',') }} -j ACCEPT{% endif %}"
when: iptables_manage | default(True)
loop:
- name: fpbx_mgm_ports
tcp_ports: "{{ fpbx_mgm_tcp_ports }}"
udp_ports: "{{ fpbx_mgm_udp_ports }}"
src: "{{ fpbx_mgm_src_ip }}"
- name: fpbx_voip_ports
tcp_ports: "{{ fpbx_voip_tcp_ports }}"
udp_ports: "{{ fpbx_voip_udp_ports }}"
src: "{{ fpbx_voip_src_ip }}"
- name: fpbx_http_ports
tcp_ports: "{{ fpbx_http_ports }}"
src: "{{ fpbx_http_src_ip }}"
- name: fpbx_prov_ports
tcp_ports: "{{ fpbx_prov_tcp_ports }}"
udp_ports: "{{ fpbx_prov_udp_ports }}"
src: "{{ fpbx_prov_src_ip }}"
tags: fpbx,firewall
Reference in New Issue View Git Blame Copy Permalink