Initial commit

2019-08-28 11:15:00 +02:00
parent 827e5cd149
commit 8fee45bafa
6 changed files with 70 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -0,0 +1,26 @@
+iptables_rules_v4:
+  filter:
+    INPUT:
+      policy: DROP
+      rules:
+        - "-i lo -j ACCEPT"
+        - "-m state --state RELATED,ESTABLISHED -j ACCEPT"
+        - "-p icmp -m icmp --icmp-type any -j ACCEPT"
+        - "-p tcp -m tcp --dport 22 -j ACCEPT"
+    FORWARD:
+      policy: ACCEPT
+    OUTPUT:
+      policy: ACCEPT
+iptables_rules_v6:
+  filter:
+    INPUT:
+      policy: DROP
+      rules:
+        - "-i lo -j ACCEPT"
+        - "-m state --state RELATED,ESTABLISHED -j ACCEPT"
+        - "-p ipv6-icmp -j ACCEPT"
+        - "-p tcp -m tcp --dport 22 -j ACCEPT"
+    FORWARD:
+      policy: ACCEPT
+    OUTPUT:
+      policy: ACCEPT