infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

try this logic for later

Browse source
This commit is contained in:
Stephen Smoogen 2020-04-09 18:22:26 +00:00 committed by Pierre-Yves Chibon
parent 05e9125c67
commit d951a6f19e
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
roles/base/templates/iptables/iptables
View file

@ -103,7 +103,11 @@
{% if proxy_tcp_ports is defined %} {% if proxy_tcp_ports is defined %}
{% for port in proxy_tcp_ports %} {% for port in proxy_tcp_ports %}
{% for proxy in (groups['proxies'] + groups['proxies_internal']) %} {% for proxy in (groups['proxies'] + groups['proxies_internal']) %}
{% if hostvars[proxy]['datacenter'] == "phx2" and 'ansible_eth0' in hostvars[proxy] %}
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
{% else %}
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT -A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
{% endif %}
{% endfor %} {% endfor %}
# nagios # nagios
-A INPUT -p tcp -m tcp --dport {{ port }} --src 10.5.126.41 -j ACCEPT -A INPUT -p tcp -m tcp --dport {{ port }} --src 10.5.126.41 -j ACCEPT