salt.states.iptables¶
Management of iptables¶
This is an iptables-specific module designed to manage Linux firewalls. It is expected that this state module, and other system-specific firewall states, may at some point be deprecated in favor of a more generic firewall state.
httpd:
iptables.append:
- table: filter
- chain: INPUT
- jump: ACCEPT
- match: state
- connstate: NEW
- dport: 80
- proto: tcp
- sport: 1025:65535
-
salt.states.iptables.append(name, **kwargs)¶ Append a rule to a chain
- name
- A user-defined name to call this rule by in another part of a state or formula. This should not be an actual rule.
All other arguments are passed in with the same name as the long option that would normally be used for iptables, with one exception: --state is specified as connstate instead of state (not to be confused with ctstate).