lunivity/ansible-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[a] add direction to firewall

Browse source
This commit is contained in:
Sangelo 2024-10-16 21:47:18 +02:00
parent d61cf8e414
commit d7ea614a66
2 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
roles/secure/defaults/main.yml
View file

@ -11,6 +11,7 @@ common_firewall:
- port: 22 - port: 22
rule: allow rule: allow
state: present state: present
direction: in
interface: "{{ common_firewall_lan_interface if common_firewall_lan_interface }}" interface: "{{ common_firewall_lan_interface if common_firewall_lan_interface }}"
comment: "Allow incoming connections on {{ common_firewall_lan_interface if common_firewall_lan_interface else 'all interfaces' }}" comment: "Allow incoming connections on {{ common_firewall_lan_interface if common_firewall_lan_interface else 'all interfaces' }}"

1
roles/secure/tasks/main.yml
View file

@ -41,6 +41,7 @@
port: "{{ rule.port }}" port: "{{ rule.port }}"
rule: "{{ rule.rule | default('allow') }}" rule: "{{ rule.rule | default('allow') }}"
delete: "{{ true if rule.state == 'absent' else false | default(false) }}" delete: "{{ true if rule.state == 'absent' else false | default(false) }}"
direction: "{{ rule.direction | default('in') }}"
proto: "{{ rule.protocol | default('tcp') }}" proto: "{{ rule.protocol | default('tcp') }}"
interface: "{{ rule.interface if rule.interface != 'all' else omit }}" interface: "{{ rule.interface if rule.interface != 'all' else omit }}"
comment: "{{ rule.comment | default('Custom rule for port {{ rule.port }} on {{ rule.interface }}') }}" comment: "{{ rule.comment | default('Custom rule for port {{ rule.port }} on {{ rule.interface }}') }}"