iptables: also remove ansible_facts in prod iptables template
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This commit is contained in:
Patrick Uiterwijk
parent
63489a3ccb
commit
a8ab545e11
1 changed files with 2 additions and 2 deletions
|
|
@ -104,9 +104,9 @@
|
||||||
{% for port in proxy_tcp_ports %}
|
{% for port in proxy_tcp_ports %}
|
||||||
{% for proxy in (groups['proxies'] + groups['proxies-internal']) %}
|
{% for proxy in (groups['proxies'] + groups['proxies-internal']) %}
|
||||||
{% if hostvars[proxy]['vpn'] %}
|
{% if hostvars[proxy]['vpn'] %}
|
||||||
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_facts']['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
|
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
|
||||||
{% else %}
|
{% else %}
|
||||||
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_facts']['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
|
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue