diff --git a/defaults/main.yml b/defaults/main.yml index 2895ad0..3f81129 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -246,3 +246,29 @@ samba__default_shares: guest_ok: 'yes' # .. ))) + +# .. envvar:: samba__ferm__dependent_rules: ((( +# +# Configuration for :command:`iptables` firewall managed by :program:`ferm`. +samba__ferm__dependent_rules: + + - type: 'dport_accept' + protocol: [ 'udp' ] + dport: [ 'netbios-ns', 'netbios-dgm' ] + saddr: '{{ samba__allow }}' + accept_any: True + filename: 'samba__dependency_accept_udp' + delete: '{{ "samba" not in samba__base_packages }}' + weight: '50' + + - type: 'dport_accept' + protocol: [ 'tcp' ] + dport: [ 'netbios-ssn', 'microsoft-ds' ] + saddr: '{{ samba__allow }}' + accept_any: True + filename: 'samba__dependency_accept_tcp' + delete: '{{ "samba" not in samba__base_packages }}' + weight: '50' + + +# .. ))) diff --git a/meta/main.yml b/meta/main.yml index 6cb7e99..c323881 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,30 +1,5 @@ --- -dependencies: - - - role: debops.ferm - tags: [ 'depend::ferm', 'depend::ferm:samba', - 'depend-of::samba', 'type::dependency' ] - ferm_input_list: - - - type: 'dport_accept' - protocol: [ 'udp' ] - dport: [ 'netbios-ns', 'netbios-dgm' ] - saddr: '{{ samba__allow }}' - accept_any: True - filename: 'samba__dependency_accept_udp' - delete: '{{ "samba" not in samba__base_packages }}' - weight: '50' - - - type: 'dport_accept' - protocol: [ 'tcp' ] - dport: [ 'netbios-ssn', 'microsoft-ds' ] - saddr: '{{ samba__allow }}' - accept_any: True - filename: 'samba__dependency_accept_tcp' - delete: '{{ "samba" not in samba__base_packages }}' - weight: '50' - galaxy_info: company: 'DebOps'