ungleich-public/cdist-web
ungleich-public
/
cdist-web
6
0
Fork 1
Code Issues 1 Pull Requests Projects Releases Wiki Activity
cdist-web/src/extra/manual/2.3.5/man7/cdist-type__iptables_rule.html

34 lines
4.3 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>cdist-type__iptables_rule(7)</title><link rel="stylesheet" type="text/css" href="docbook-xsl.css" /><meta name="generator" content="DocBook XSL Stylesheets V1.78.1" /></head><body><div xml:lang="en" class="article" lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="idm140648280749872"></a>cdist-type__iptables_rule(7)</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Nico</span> <span class="surname">Schottelius</span></h3><code class="email">&lt;<a class="email" href="mailto:nico-cdist--@--schottelius.org">nico-cdist--@--schottelius.org</a>&gt;</code></div></div></div><hr /></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="section"><a href="#_name">1. NAME</a></span></dt><dt><span class="section"><a href="#_description">2. DESCRIPTION</a></span></dt><dt><span class="section"><a href="#_required_parameters">3. REQUIRED PARAMETERS</a></span></dt><dt><span class="section"><a href="#_optional_parameters">4. OPTIONAL PARAMETERS</a></span></dt><dt><span class="section"><a href="#_examples">5. EXAMPLES</a></span></dt><dt><span class="section"><a href="#_see_also">6. SEE ALSO</a></span></dt><dt><span class="section"><a href="#_copying">7. COPYING</a></span></dt></dl></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_name"></a>1. NAME</h2></div></div></div><p>cdist-type__iptables_rule - Deploy iptable rulesets</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_description"></a>2. DESCRIPTION</h2></div></div></div><p>This cdist type allows you to manage iptable rules
in a distribution independent manner.</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_required_parameters"></a>3. REQUIRED PARAMETERS</h2></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
rule
</span></dt><dd>
The rule to apply. Essentially an iptables command
line without iptables in front of it.
</dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_optional_parameters"></a>4. OPTIONAL PARAMETERS</h2></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
state
</span></dt><dd>
<span class="emphasis"><em>present</em></span> or <span class="emphasis"><em>absent</em></span>, defaults to <span class="emphasis"><em>present</em></span>
</dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_examples"></a>5. EXAMPLES</h2></div></div></div><pre class="screen"># Deploy some policies
__iptables_rule policy-in --rule "-P INPUT DROP"
__iptables_rule policy-out --rule "-P OUTPUT ACCEPT"
__iptables_rule policy-fwd --rule "-P FORWARD DROP"
# The usual established rule
__iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT"
# Some service rules
__iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
__iptables_rule ssh --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
__iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT"
# Ensure some rules are not present anymore
__iptables_rule munin --rule "-A INPUT -p tcp --dport 4949 -j ACCEPT" \
--state absent</pre></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_see_also"></a>6. SEE ALSO</h2></div></div></div><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
cdist-type(7)
</li><li class="listitem">
cdist-type__iptables_apply(7)
</li><li class="listitem">
iptables(8)
</li></ul></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_copying"></a>7. COPYING</h2></div></div></div><p>Copyright (C) 2013 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).</p></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink