add simple handling for nftable rulesets in base role

author: Christian Pointner <equinox@spreadspace.org> 2022-06-15 19:35:36 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2022-06-15 19:35:36 +0200
commit: 8e5c279f7cecf29589835e74602155b9afc430d8 (patch)
tree: c55e219fa44c220a29a4ef55ddc10c5f37456675 /roles/network/nftables/base/defaults
parent: update apt-repo gpg key for tor-project (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/roles/network/nftables/base/defaults/main.yml b/roles/network/nftables/base/defaults/main.yml
new file mode 100644
index 00000000..95ec9073
--- /dev/null
+++ b/roles/network/nftables/base/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+nftables_base_rules: {}
+
+# nftables_base_rules:
+#   example: |
+#     table inet global {
+#       chain input {
+#         type filter hook input priority filter; policy drop;
+#         ct state vmap { established: accept, related: accept, invalid: drop }
+#       }
+#     }
author	Christian Pointner <equinox@spreadspace.org>	2022-06-15 19:35:36 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2022-06-15 19:35:36 +0200
commit	8e5c279f7cecf29589835e74602155b9afc430d8 (patch)
tree	c55e219fa44c220a29a4ef55ddc10c5f37456675 /roles/network/nftables/base/defaults
parent	update apt-repo gpg key for tor-project (diff)