# Tasks section of a play. Builds an IPv4 INPUT chain that accepts the listed
# services and drops everything else. The iptables module appends rules in
# task order, so the final DROP task must stay last.
tasks:
  - name: Install iptables Persistent
    apt: name=netfilter-persistent state=present update_cache=true

  # Local services talking to themselves over the loopback interface
  - name: Set Loop Back Rule
    iptables:
      chain: INPUT
      in_interface: lo
      jump: ACCEPT
      comment: 'Accept all loop back traffic'

  # Return traffic for connections that are already tracked
  - name: Set Established Connection Rule
    iptables:
      chain: INPUT
      ctstate: 'ESTABLISHED,RELATED'
      jump: ACCEPT
      comment: 'Let all established connection stay'

  # SSH listens on a non-default port here; keep this rule ahead of the DROP
  - name: Set SSH Port 40022 SSH Rule
    iptables:
      chain: INPUT
      jump: ACCEPT
      protocol: tcp
      destination_port: 40022
      comment: 'Accept all SSH traffic'

  - name: Set HTTP Port 80 HTTP Rule
    iptables:
      chain: INPUT
      jump: ACCEPT
      protocol: tcp
      destination_port: 80
      comment: 'Accept all HTTP traffic'

  - name: Set HTTPS Port 443 TLS Rule
    iptables:
      chain: INPUT
      jump: ACCEPT
      protocol: tcp
      destination_port: 443
      comment: 'Accept all SSL traffic'

  # No source restriction: 3306 is reachable from any address
  - name: Set Port 3306 SQL Rule
    iptables:
      chain: INPUT
      jump: ACCEPT
      protocol: tcp
      destination_port: 3306
      comment: 'Accept all MySQL traffic'

  # Catch-all: anything not accepted above is dropped
  - name: Drop Any Traffic Without Rule
    iptables:
      chain: INPUT
      jump: DROP
      comment: 'Drop traffic for rules that did not match'