ansible-roles/firewalld
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
15 commits 1 branch 0 tags 50 KiB
Find a file
Exact
srw 6a570aae85 update tasks with builtin become
2025-10-06 21:57:26 +00:00
defaults add ipset support, combine add/remove tasks, cleanup, fixes 2023-10-03 08:04:28 +00:00
handlers update tasks with builtin become 2025-10-06 21:57:26 +00:00
meta update meta data 2023-08-24 06:12:19 +00:00
tasks update tasks with builtin become 2025-10-06 21:57:26 +00:00
.gitignore update tasks with builtin become 2025-10-06 21:57:26 +00:00
README.md fixes for common task management, firewall tasks will only run when something is defined 2023-10-24 06:34:13 +00:00

README.md

ansible-role-firewalld

This role allows adding and removing most types of firewalld rules from the default zone

Task Configuration

- name: Test adding and removeing services etc
  hosts: test
  become: true
  roles:
    - role: firewalld
      firewalld_ipset_add:
        - name: peers
          ips:
            - 207.188.6.74
            - 207.188.6.12
            - 207.188.6.49

      firewalld_add:
        - name: public
          masquerade: false
          forward: true
          services:
            - http
            - https
            - ssh
          ports:
            - 53/tcp
            - 53/udp
            - 67/udp
            - 547/udp
          forwards:
            - port: 443
              proto: udp
              to: 51820
        - name: ftl
          interfaces:
            - lo
          ports:
            - 4711/tcp

      firewalld_remove:
        - name: public
          masquerade: true
          services:
            - http
            - https

Deployment and Removal

Deploy

ansible-playbook -i hosts site.yml --tags=firewalld --limit=somehost

Remove

ansible-playbook -i hosts site.yml --tags=firewalld --extra-vars "firewall_action=remove" --limit=somehost