pillar.example.sls
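# CentOS7 FirewallD firewall
#
# Example pillar data for the firewalld formula. Every port, address and
# service name below is a sample value; review each one before applying it
# to a real host.
firewalld:
  enabled: true
  default_zone: public

  # Custom service definitions. Defining a service here does not open it by
  # itself: it only takes effect in a zone that lists it under `services`.
  services:
    sshcustom:
      short: sshcustom
      description: >-
        SSH on port 3232 and 5252. Secure Shell (SSH) is a protocol for
        logging into and executing commands on remote machines. It provides
        secure encrypted communications. If you plan on accessing your
        machine remotely via SSH over a firewalled interface, enable this
        option. You need the openssh-server package installed for this
        option to be useful.
      ports:
        tcp:
          - 3232
          - 5252
      modules:
        # Placeholder name; replace with a real helper module or drop the key.
        - some_module_to_load
      # Sample destination addresses (all multicast). In firewalld a service
      # destination limits the service to traffic sent to that address, so
      # replace or remove these for a unicast service such as SSH.
      destinations:
        ipv4:
          - 224.0.0.251
          - 224.0.0.252
        ipv6:
          - 'ff02::fb'
          - 'ff02::fc'

  zones:
    public:
      short: Public
      description: >-
        For use in public areas. You do not trust the other computers on
        networks to not harm your computer. Only selected incoming
        connections are accepted.
      # Services accepted in this zone. `sshcustom` is not listed, so as
      # written only the stock `ssh` service is allowed for SSH. If sshd
      # listens only on the custom ports, list `sshcustom` here and remove
      # `ssh` so the unused port is not left open.
      services:
        - http
        - https
        - ssh
        - dhcpv6-client
# Optional per-zone settings, disabled in this example. Uncomment and adapt.
#      ports:
#        - comment: For our dummy service
#          port: 1234
#          protocol: tcp
#      forward_ports:
#        - comment: forward 123 to other machine
#          portid: 123
#          protocol: tcp
#          to_port: 321
#          to_addr: 1.2.3.4
# NOTE: `invert: true` negates the source match, so the rule below would
# apply to senders outside 192.168.1.0/24 - confirm that is intended.
#      rich_rules:
#        - family: ipv4
#          source:
#            address: 192.168.1.0/24
#            invert: true
#          port:
#            portid: 123-321
#            protocol: udp
#          log:
#            prefix: local
#            level: notice
#            limit: 3/s
#          audit:
#            limit: 2/h
#          reject:
#            type: icmp-host-prohibited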