tripleo-image-elements

History

Stuart McLaren 63fb151eb7 Add os-iptables-stateful script for managing iptables Applies iptables configuration based on an input file and the current iptables state. This script is used to perform idempotent operations, eg to prevent adding duplicate rules. Sample input: -N stunnel-INPUT -A stunnel-INPUT -p tcp -m tcp --dport 4433 -j REJECT -A stunnel-INPUT -j RETURN -I INPUT -p tcp -j stunnel-INPUT Unlike 'iptables-restore --noflush' the script is idempotent. Change-Id: I8eef1361ea90647507cf596f7bfc81815e32a96e Partially implements: blueprint os-iptables-scripts	2014-06-27 12:00:39 +00:00
..
bin	Add os-iptables-stateful script for managing iptables	2014-06-27 12:00:39 +00:00
README.md	Adds iptables element	2014-01-17 09:18:19 -05:00

Stuart McLaren 63fb151eb7 Add os-iptables-stateful script for managing iptables

Applies iptables configuration based on an input file and the current
iptables state. This script is used to perform idempotent operations,
eg to prevent adding duplicate rules.

Sample input:

-N stunnel-INPUT
-A stunnel-INPUT -p tcp -m tcp --dport 4433 -j REJECT
-A stunnel-INPUT -j RETURN
-I INPUT -p tcp -j stunnel-INPUT

Unlike 'iptables-restore --noflush' the script is idempotent.

Change-Id: I8eef1361ea90647507cf596f7bfc81815e32a96e
Partially implements: blueprint os-iptables-scripts

2014-06-27 12:00:39 +00:00

bin

Add os-iptables-stateful script for managing iptables

2014-06-27 12:00:39 +00:00

README.md

Adds iptables element

2014-01-17 09:18:19 -05:00

README.md

##iptables

This element installs a single script that consolidates the logic required to handle inserting iptables rules. This script uses the check (-C) argument to check whether a rule matching the specification does exist in the selected chain before inserting it.

RULE: The rule to insert into iptables