arillso.system.to_nftables_rule filter – Convert YAML rule dict to nftables syntax string
Note
This filter plugin is part of the arillso.system collection (version 1.0.5).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install arillso.system.
To use it in a playbook, specify: arillso.system.to_nftables_rule.
New in arillso.system 1.0.0
Synopsis
Converts structured YAML firewall rules into nftables rule syntax.
Supports interfaces, IP protocols, addresses, ports, connection tracking, ICMP, logging, and more.
Provides a declarative way to define firewall rules in YAML.
Keyword parameters
This describes keyword parameters of the filter. These are the values key1=value1, key2=value2 and so on in the following
example: input | arillso.system.to_nftables_rule(key1=value1, key2=value2, ...)
| Parameter | Comments |
|---|---|
| | Dictionary containing rule definition with conditions and actions |
Examples
```jinja
# Convert a simple rule
{{ {'tcp_dport': 80, 'action': 'accept'} | arillso.system.to_nftables_rule }}
# Output: tcp dport 80 accept

# Complex rule with multiple conditions
{{ {
    'iifname': 'eth0',
    'ip_saddr': '10.0.0.0/8',
    'tcp_dport': [80, 443],
    'ct_state': ['new', 'established'],
    'action': 'accept'
} | arillso.system.to_nftables_rule }}

# Use in template
{% for rule in chain.rules %}
{{ rule | arillso.system.to_nftables_rule }}
{% endfor %}
```
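Rule dictionaries usually come from inventory or group variables and end up as text in a ruleset file, so it is worth validating each value before it is rendered. The following is an added example, not code from the arillso.system collection: `render_rule` and its helpers are hypothetical, cover only the keys used in the examples above, and the set and quoting syntax they emit is an assumption based on nftables grammar rather than the filter's documented output.

```python
import ipaddress
import re

# Hypothetical pre-render check, not part of arillso.system. It covers only the
# keys used in this page's examples; the rendering is an assumption based on
# nftables syntax, not the filter's documented output.
_IFNAME = re.compile(r"[A-Za-z0-9_.-]{1,15}")  # Linux interface names: max 15 chars

def _ifname(v):
    if not isinstance(v, str) or not _IFNAME.fullmatch(v):
        raise ValueError(f"invalid interface name: {v!r}")
    return f'"{v}"'

def _net(v):
    if not isinstance(v, str):
        raise ValueError(f"invalid network: {v!r}")
    return str(ipaddress.IPv4Network(v))  # ValueError on junk or set host bits

def _port(v):
    if isinstance(v, bool) or not isinstance(v, int) or not 0 < v < 65536:
        raise ValueError(f"invalid port: {v!r}")
    return str(v)

def _state(v):
    if v not in ("new", "established", "related", "invalid", "untracked"):
        raise ValueError(f"invalid ct state: {v!r}")
    return v

# rule key -> (nftables match expression, validator applied to every value)
_MATCHES = {"iifname": ("iifname", _ifname), "ip_saddr": ("ip saddr", _net),
            "tcp_dport": ("tcp dport", _port), "ct_state": ("ct state", _state)}

def render_rule(rule):
    """Validate a rule dict and return one nftables rule line."""
    unknown = set(rule) - set(_MATCHES) - {"action"}
    if unknown:
        raise ValueError(f"unsupported keys: {sorted(unknown)}")
    if rule.get("action") not in ("accept", "drop", "reject"):
        raise ValueError(f"invalid action: {rule.get('action')!r}")
    parts = []
    for key, (expr, check) in _MATCHES.items():
        if key in rule:
            vals = rule[key] if isinstance(rule[key], list) else [rule[key]]
            out = [check(v) for v in vals]
            if not out:
                raise ValueError(f"empty list for {key}")
            parts.append(f"{expr} " + (out[0] if len(out) == 1 else "{ " + ", ".join(out) + " }"))
    return " ".join(parts + [rule["action"]])
```

A generated ruleset file can additionally be parsed without being applied using `nft -c -f <file>` before it is loaded.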
Return Value
| Key | Description |
|---|---|
| | nftables rule syntax string. Returned: success |