This role is intended for simple port forwarding via `nftables` rules.
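# {{ ansible_managed }}
#
# systemd unit template (Jinja2): loads one dedicated nftables table holding
# port-mapping rules and deletes that table again when the unit is stopped.
# Based on the default Debian 12 `/lib/systemd/system/nftables.service`
#
# Template variables used below:
#   sce_nft_table_filename  basename (without `.conf`) of the ruleset file in /etc
#   sce_nft_table_name      name of the `inet` table that ExecStop deletes
# Both are substituted unquoted into command lines, so whitespace or shell-like
# characters in them would change how systemd splits the arguments.
# NOTE(review): presumably both are fixed identifiers from the role defaults --
# confirm they can never come from untrusted inventory data.
[Unit]
Description=nftables SCE port mapping rules
# Apply the rules before any network interface is configured.
Wants=network-pre.target
Before=network-pre.target shutdown.target
# DefaultDependencies=no (below) drops the implicit shutdown handling, so the
# unit is stopped at shutdown through this explicit Conflicts=/Before= pair.
Conflicts=shutdown.target
# Ordering only: there is no Requires=/Wants=/PartOf= on nftables.service here.
# NOTE(review): presumably this keeps a base ruleset that starts with
# `flush ruleset` from wiping this table at boot. A later restart or reload of
# nftables.service that flushes the ruleset is not propagated to this unit, so
# it can stay "active (exited)" while its table is gone -- confirm the role
# restarts this unit in that case.
After=nftables.service
DefaultDependencies=no

[Service]
# oneshot + RemainAfterExit: the unit stays active after nft exits, so a later
# stop still runs ExecStop.
Type=oneshot
RemainAfterExit=yes
StandardInput=null
# Sandboxing inherited from the Debian unit: /usr, /boot, /efi and /etc are
# read-only for this service and /home, /root and /run/user are inaccessible.
# No other hardening directive is set in this unit.
ProtectSystem=full
ProtectHome=true
# No User= is set, so nft runs as root and the file below fully determines the
# table contents. It should be root-owned and not writable by anyone else.
# NOTE(review): confirm the task that deploys the file sets owner/mode and
# validates it (e.g. `nft -c -f`); a syntax error makes ExecStart fail and
# leaves the mappings unloaded.
ExecStart=/usr/sbin/nft -f /etc/{{ sce_nft_table_filename }}.conf
# Reload re-applies the same file. Whether that is idempotent depends on the
# file itself: if it does not recreate or flush its own table first, each
# reload appends duplicate rules -- verify against the ruleset template.
ExecReload=/usr/sbin/nft -f /etc/{{ sce_nft_table_filename }}.conf
# Removes only this role's table rather than flushing the whole ruleset.
# `nft delete table` returns an error when the table is already absent.
ExecStop=/usr/sbin/nft delete table inet {{ sce_nft_table_name }}

[Install]
# Once enabled, the unit is pulled in during early boot.
WantedBy=sysinit.target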