The iptables module handles iptables rules.

Functions

iptables.chain

Add/remove/update iptables chains.
iptables.chain(
    chain,
    present=True,
    table="filter",
    policy=None,
    version=4,
)
Policy: a policy can only be applied to system chains (FORWARD, INPUT, OUTPUT, etc.).

iptables.rule

Add/remove iptables rules.
iptables.rule(
    chain,
    jump,
    present=True,
    table="filter",
    append=True,
    version=4,
    protocol=None,
    source=None,
    destination=None,
    in_interface=None,
    out_interface=None,
    to_destination=None,
    to_source=None,
    to_ports=None,
    log_prefix=None,
    destination_port=None,
    source_port=None,
    extras="",
)

Examples

from pyinfra.operations import iptables

# Block SSH traffic
iptables.rule(
    name="Block SSH traffic",
    chain="INPUT",
    jump="DROP",
    destination_port=22,
    protocol="tcp",
)

# NAT traffic
iptables.rule(
    name="NAT traffic from 8.8.8.8:53 to 8.8.4.4:8080",
    chain="PREROUTING",
    jump="DNAT",
    table="nat",
    source="8.8.8.8",
    destination_port=53,
    protocol="tcp",
    to_destination="8.8.4.4:8080",
)
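
A default-deny INPUT baseline built from `iptables.rule` and `iptables.chain`, with a pre-flight check for the ordering mistake that cuts off the management connection. This is an added example, not part of the pyinfra documentation: `MGMT_NET`, `input_baseline`, `lint` and `apply` are hypothetical names and the management subnet is a constructed placeholder. The port check reflects iptables itself, where `--dport` and `--sport` are only valid together with `-p`.

```python
# Added example (not pyinfra's own code). All names below are hypothetical.
MGMT_NET = "192.0.2.0/24"  # constructed placeholder (RFC 5737 documentation range)
SYSTEM_CHAINS = {"INPUT", "OUTPUT", "FORWARD", "PREROUTING", "POSTROUTING"}


def input_baseline(mgmt_net=MGMT_NET):
    """Ordered (operation, kwargs) steps: ACCEPT rules first, DROP policy last."""
    return [
        ("rule", dict(name="Allow loopback", chain="INPUT", jump="ACCEPT",
                      in_interface="lo")),
        ("rule", dict(name="Allow established connections", chain="INPUT",
                      jump="ACCEPT",
                      extras="-m conntrack --ctstate ESTABLISHED,RELATED")),
        ("rule", dict(name="Allow SSH from management network", chain="INPUT",
                      jump="ACCEPT", protocol="tcp", destination_port=22,
                      source=mgmt_net)),
        ("chain", dict(name="Default-deny INPUT", chain="INPUT", policy="DROP")),
    ]


def lint(steps):
    """Return a list of problems that would break the ruleset or risk a lockout."""
    problems, drop_policy = [], set()
    for kind, kw in steps:
        chain, label = kw["chain"], kw.get("name", kw["chain"])
        if kind == "chain" and kw.get("policy"):
            if chain not in SYSTEM_CHAINS:
                problems.append(f"{label}: policy set on non-system chain {chain}")
            elif kw["policy"] == "DROP":
                drop_policy.add((kw.get("table", "filter"), chain))
        if kind == "rule":
            if (kw.get("destination_port") or kw.get("source_port")) \
                    and not kw.get("protocol"):
                problems.append(f"{label}: port match without protocol")
            if kw["jump"] == "ACCEPT" and \
                    (kw.get("table", "filter"), chain) in drop_policy:
                problems.append(f"{label}: ACCEPT added after DROP policy")
    return problems


def apply(steps):
    """Run inside a pyinfra deploy; refuses to apply a plan that fails lint()."""
    problems = lint(steps)
    if problems:
        raise ValueError("; ".join(problems))
    from pyinfra.operations import iptables  # lazy: needs a deploy context
    for kind, kw in steps:
        getattr(iptables, kind)(**kw)
```

In a deploy file, call `apply(input_baseline())`; operations run in the listed order, so the SSH session pyinfra is using is already permitted when the DROP policy lands.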
