alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

roles/common: use a range for mosh ports in nftables

Browse Source 
This is better than a loop in Jinja (though that is useful!).
This commit is contained in:
Alan Orth 2021-09-28 07:34:25 +03:00
parent 89ced6f952
commit b13ead0657
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
1 changed files with 2 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
roles/common/templates/nftables.conf.j2
View File

@ -81,12 +81,8 @@ table inet filter {
ip6 saddr ::/0 ct state new tcp dport 443 counter accept comment "Allow HTTPS"
{% endif %}
ip saddr 0.0.0.0/0 ct state new udp dport 60001 counter accept comment "Allow mosh"
ip saddr 0.0.0.0/0 ct state new udp dport 60002 counter accept comment "Allow mosh"
ip saddr 0.0.0.0/0 ct state new udp dport 60003 counter accept comment "Allow mosh"
ip6 saddr ::/0 ct state new udp dport 60001 counter accept comment "Allow mosh"
ip6 saddr ::/0 ct state new udp dport 60002 counter accept comment "Allow mosh"
ip6 saddr ::/0 ct state new udp dport 60003 counter accept comment "Allow mosh"
ip saddr 0.0.0.0/0 ct state new udp dport 60001-60003 counter accept comment "Allow mosh"
ip6 saddr ::/0 ct state new udp dport 60001-60003 counter accept comment "Allow mosh"
{# Extra rules #}
{% if extra_iptables_rules is defined %}