summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorclarkzjw <[email protected]>2023-02-08 00:40:09 -0800
committerclarkzjw <[email protected]>2023-02-08 00:40:09 -0800
commit1204730924436ef9e1c7c49c9557837f9a5ed0e8 (patch)
tree129d79dfd11245751cee6d4082ff5d2f6e941610 /ansible/roles/disableFirewall/files
parent9635ac4dedf69de5bff65785bcc16bef80b52d75 (diff)
downloadmail-1204730924436ef9e1c7c49c9557837f9a5ed0e8.tar.gz
fork https://github.com/mattsta/mailwebHEADmaster
Diffstat (limited to 'ansible/roles/disableFirewall/files')
-rw-r--r--ansible/roles/disableFirewall/files/modprobe.d/blacklist-iptables.conf13
1 files changed, 13 insertions, 0 deletions
diff --git a/ansible/roles/disableFirewall/files/modprobe.d/blacklist-iptables.conf b/ansible/roles/disableFirewall/files/modprobe.d/blacklist-iptables.conf
new file mode 100644
index 0000000..4655374
--- /dev/null
+++ b/ansible/roles/disableFirewall/files/modprobe.d/blacklist-iptables.conf
@@ -0,0 +1,13 @@
1# Don't load iptables on startup (or ever)!
2
3# These look weird, but the 'blacklist' command still allows
4# module insertion.
5#
6# This method defines a load-time alias so when you load the module,
7# it runs a delegated command to load the module instead, but in
8# the case of denying modules completely, just run nothing.
9install ip6table_filter /bin/true
10install iptable_filter /bin/true
11install ip6_tables /bin/true
12install ip_tables /bin/true
13install x_tables /bin/true
Powered by cgit v1.2.3 (git 2.41.0)