role_nftables/templates/tables.conf.j2

58 lines
1.1 KiB
Plaintext
Raw Normal View History

2022-10-03 16:15:12 +00:00
# {{ ansible_managed }}
{% if
item.ipv4_rules.prerouting | length > 0
or
item.ipv4_rules.postrouting | length > 0
%}
table ip {{ item.filename }} {
{% if item.ipv4_rules.prerouting | length > 0 %}
chain prerouting {
type nat hook prerouting priority 0;
{% for rule in item.ipv4_rules.prerouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
{% if item.ipv4_rules.postrouting | length > 0 %}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
{% for rule in item.ipv4_rules.postrouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
}
{% endif %}
{% if
item.ipv6_rules.prerouting | length > 0
or
item.ipv6_rules.postrouting | length > 0
%}
table ip6 {{ item.filename }} {
{% if item.ipv6_rules.prerouting | length > 0 %}
chain prerouting {
type nat hook prerouting priority 0;
{% for rule in item.ipv6_rules.prerouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
{% if item.ipv6_rules.postrouting | length > 0 %}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
{% for rule in item.ipv6_rules.postrouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
}
{% endif %}