Merge "Modify the network to ensure their more restrictive"
This commit is contained in:
commit
873ae46e82
|
@ -102,9 +102,11 @@
|
|||
{%- set _ = start_commands.append('-/sbin/ip link set dev ' + mv_interface + ' up') %}
|
||||
{% if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined and (value.address is undefined) %}
|
||||
{% set net_cidr = hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] %}
|
||||
{% set _ = start_commands.append('-/sbin/ip route add ' + net_cidr + ' dev ' + (value.routed_interface | default(nspawn_primary_interface)) + ' metric 100 proto kernel scope link table local') %}
|
||||
{% set _ = start_commands.append('-/sbin/ip route add ' ~ net_cidr ~ ' dev ' ~ (value.routed_interface | default(nspawn_primary_interface)) ~ ' metric 100 proto kernel scope link table local') %}
|
||||
{% elif (value.address is defined) and ((interface_data['ipv4'] | default({'address': none}))['address'] != value.address) and ((value.host_only | default(false)) | bool) %}
|
||||
{% set _ = start_commands.append('-/sbin/ip address add ' + value.address + '/' + (value.netmask | default('32')) + ' dev ' + mv_interface + ' scope host') %}
|
||||
{% set net_cidr = (value.address ~ '/' ~ (value.netmask | default('32'))) %}
|
||||
{% set _ = start_commands.append('-/sbin/ip address add ' ~ net_cidr ~ ' dev ' ~ mv_interface ~ ' scope host noprefixroute') %}
|
||||
{% set _ = start_commands.append('-/sbin/ip route add ' ~ net_cidr ~ '/' ~ (value.netmask | default('32')) ~ ' dev ' ~ mv_interface ~ ' metric 100 proto kernel scope link table local') %}
|
||||
{%- endif %}
|
||||
{%- endif %}
|
||||
{%- endif %}
|
||||
|
|
Loading…
Reference in New Issue