opendev
/
system-config
Code Issues Proposed changes
system-config/playbooks/roles/iptables
History
Clark Boylan 94eb7e5d2b Set iptables forward drop by default 
Docker wants to set FORWARD DROP but our existing rules set FORWARD
ACCEPT. To avoid these two services fighting over each other and to
simplify testing lets default to FORWARD DROP too.

None of our servers should act as routers currently. If we resurrect
infracloud or if we deploy k8s this may change but today this should be
fine and be a safer ruleset.

Change-Id: I5f19233129cf54eb70beb335c7b6224f0836096c
 		2018-12-14 10:33:26 -08:00
..
defaults Add iptables role 2018-08-27 14:33:32 +00:00
handlers Don't import tasks in iptables reload and use listen 2018-12-03 08:59:30 -08:00
tasks Don't import tasks in iptables reload and use listen 2018-12-03 08:59:30 -08:00
templates Set iptables forward drop by default 2018-12-14 10:33:26 -08:00
vars Add iptables role 2018-08-27 14:33:32 +00:00
README.rst Add iptables role 2018-08-27 14:33:32 +00:00

README.rst

Install and configure iptables

Role Variables