# == State: firewalld.direct
{% from "firewalld/map.jinja" import firewalld with context %}
# == Define: firewalld.direct
#
# This defines a configuration for permanent direct chains,
# rules and passthroughs, see the firewalld.direct(5) man page.
{%- if firewalld.get('direct', False) %}
# Manage the permanent direct configuration file. This state is rendered
# only when the firewalld map carries a truthy `direct` entry.
/etc/firewalld/direct.xml:
  file.managed:
    - name: /etc/firewalld/direct.xml
    # The file body comes from a Jinja template on the Salt fileserver.
    - source: salt://firewalld/files/direct.xml
    - template: jinja
    # The `direct` data is serialized with the json filter before it reaches
    # the template.
    # NOTE(review): the template itself is not visible here; confirm that it
    # escapes these values for XML, since they end up in firewall rules.
    - context:
        direct: {{ firewalld.direct|json }}
    # Owned by root; mode 0644 means only the owner may write, while group
    # and others may read the rule set.
    - user: root
    - group: root
    - mode: "0644"
    # Needs the package and directory states (IDs defined outside this file).
    - require:
      - pkg: package_firewalld
      - file: directory_firewalld
    # Ordered before the firewalld service state.
    - require_in:
      - service: service_firewalld
    # A change to this file notifies the reload_firewalld command state.
    - watch_in:
      - cmd: reload_firewalld
{%- endif %}