1CDIST-TYPE__IPTABLES_RULE(7)         cdist        CDIST-TYPE__IPTABLES_RULE(7)
2
3
4

NAME

6       cdist-type__iptables_rule - Deploy iptable rulesets
7

DESCRIPTION

9       This  cdist  type  allows you to manage iptable rules in a distribution
10       independent manner.
11

REQUIRED PARAMETERS

13       rule   The rule to apply. Essentially an iptables command line  without
14              iptables in front of it.
15

OPTIONAL PARAMETERS

17       state  'present' or 'absent', defaults to 'present'
18

EXAMPLES

20          # Deploy some policies
21          __iptables_rule policy-in  --rule "-P INPUT DROP"
22          __iptables_rule policy-out  --rule "-P OUTPUT ACCEPT"
23          __iptables_rule policy-fwd  --rule "-P FORWARD DROP"
24
25          # The usual established rule
26          __iptables_rule established  --rule "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT"
27
28          # Some service rules
29          __iptables_rule http  --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
30          __iptables_rule ssh   --rule "-A INPUT -p tcp --dport 22 -j ACCEPT"
31          __iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT"
32
33          # Ensure some rules are not present anymore
34          __iptables_rule munin --rule "-A INPUT -p tcp --dport 4949 -j ACCEPT" \
35              --state absent
36

SEE ALSO

38       cdist-type__iptables_apply(7), iptables(8)
39

AUTHORS

41       Nico Schottelius <nico-cdist--@--schottelius.org>
42

COPYING

44       Copyright  (C)  2013  Nico  Schottelius. You can redistribute it and/or
45       modify it under the terms of the GNU General  Public  License  as  pub‐
46       lished  by  the  Free  Software  Foundation,  either  version  3 of the
47       License, or (at your option) any later version.
48

COPYRIGHT

50       ungleich GmbH 2019
51
52
53
54
556.3.0                            Dec 12, 2019     CDIST-TYPE__IPTABLES_RULE(7)