[IPTABLES] Add rules (Not tested)
parent
5fa2b5bd2b
commit
fcd5694fa8
14 changed files with 415 additions and 0 deletions
42
roles/iptables/tasks/main.yml
Normal file
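--- a/roles/iptables/tasks/main.yml
+++ b/roles/iptables/tasks/main.yml
@@ -0,0 +1,42 @@
+---
+
+- ansible.builtin.import_tasks: accept_established.yml
+name: accept_established
+
+- ansible.builtin.import_tasks: accept_loopback.yml
+name: accept_loopback
+
+- ansible.builtin.import_tasks: accept_dns.yml
+name: accept_dns
+
+- ansible.builtin.import_tasks: accept_http.yml
+name: accept_http
+
+- ansible.builtin.import_tasks: accept_ssh.yml
+name: accept_ssh
+
+- ansible.builtin.import_tasks: accept_ntp.yml
+name: accept_ntp
+
+- ansible.builtin.import_tasks: accept_matrix.yml
+name: accept_matrix
+
+- ansible.builtin.import_tasks: accept_icmp.yml
+name: accept_icmp
+
+- ansible.builtin.import_tasks: block_basic_ddos.yml
+name: block_basic_ddos
+
+- ansible.builtin.import_tasks: block_port_scan.yml
+name: block_port_scan
+
+- ansible.builtin.import_tasks: accept_private_networks.yml
+name: accept_private_networks
+
+# Add drop after to avoid lock system during configuration
+
+- ansible.builtin.import_tasks: drop_scans_xmas_null.yml
+name: drop_scans_xmas_null
+
+- ansible.builtin.import_tasks: drop_all_by_default.yml
+name: drop_all_by_default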
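Review bot: The import order places `block_basic_ddos.yml`, `block_port_scan.yml` and `drop_scans_xmas_null.yml` after the service accept files, and iptables evaluates a chain top to bottom with the first matching terminal rule deciding the packet. If the imported files append their rules to the same chain (they are not shown in this section), traffic to the SSH, HTTP, DNS, NTP and Matrix ports would be accepted before the rate-limit and scan-drop rules are ever consulted, so the exposed services would get no benefit from them. The lock-out concern in the comment applies only to `drop_all_by_default.yml`; consider moving the three filtering imports to just after `accept_loopback.yml` and keeping only the default drop last. Since the commit is marked as not tested, checking the resulting rule order with `iptables -S` on a scratch host before rollout would confirm whether the ordering matters here.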