---
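- name: Netmaster IPtables | Add internal rules
  iptables:
    # Rules are inserted into INPUT rather than appended, so they are
    # evaluated ahead of rules already present in the chain.
    action: insert
    chain: INPUT
    # Each contiv_netmaster_internal entry has the form "<port>/<protocol>".
    # The part after the slash (tcp or udp) is used both as the protocol and
    # as the name of the match extension to load.
    protocol: "{{ item[0].split('/')[1] }}"
    match: "{{ item[0].split('/')[1] }}"
    # The part before the slash is the port number.
    destination_port: "{{ item[0].split('/')[0] }}"
    # One ACCEPT rule is created per (port, node) pair and is limited to that
    # node as the packet source.
    # NOTE(review): these values are the members of the oo_nodes_to_config
    # inventory group; confirm they are IP addresses (or names that resolve
    # as intended) in your inventory.
    source: "{{ item[1] }}"
    jump: ACCEPT
    comment: contiv
  with_nested:
    - "{{ contiv_netmaster_internal }}"
    # The local address is wrapped in a list before it is passed to
    # difference(). The filter compares collections; given a bare string it
    # falls back to character or substring comparison, which either leaves
    # the local node in the list or drops a peer whose address is a prefix of
    # the local one (10.0.0.1 vs 10.0.0.12), leaving that peer without a rule.
    - "{{ groups.oo_nodes_to_config | difference([hostvars[inventory_hostname]['ansible_' + contiv_netmaster_interface].ipv4.address]) | list }}"
  notify: Save iptables rules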
- name: Netmaster IPtables | Add external rules
  iptables:
    chain: INPUT
    action: insert
    jump: ACCEPT
    comment: contiv
    # contiv_netmaster_external entries have the form "<port>/<protocol>".
    # The piece before the slash is the port number.
    destination_port: "{{ item.split('/')[0] }}"
    # The piece after the slash (tcp or udp) selects the protocol and the
    # match extension of the same name.
    protocol: "{{ item.split('/')[1] }}"
    match: "{{ item.split('/')[1] }}"
    # No source is set here, so each rule accepts the listed port from any
    # address. Keep contiv_netmaster_external limited to ports that are meant
    # to be reachable from outside the cluster.
  with_items: "{{ contiv_netmaster_external }}"
  notify: Save iptables rules