maxrainer.firewall_generic

Ansible Role for Firewall Demos

Overview

This is a general Ansible role for various Firewall platforms. Its purpose is to provide a simple method for setting up Firewall rules on different platforms using the same input format. It can be easily expanded to support more Firewall platforms in the future. Additional features, like NAT, will be added later.

Supported Platforms

  • Juniper SRX
  • PaloAlto PanOS
  • Fortigate FortiOS

Topics Covered

  • Configuring policies and rules
  • Setting up address books
  • Method: CLI commands
  • Method: Jinja templates

Service Match

For each supported platform, there should be a platform-specific variable file in the /vars folder. Each file maps every generic service name used in the rules to the corresponding service on that platform.

Requirements

This role depends on the following collections:

  • junipernetworks.junos
  • paloaltonetworks.panos
  • fortinet.fortios

Data Schema for Rules

fw_rules:
  - name: rule_C
    src:
      zone: "port2"
      addresses:
        - name: "inside_host_D"
          ipv4: "10.10.2.3"
    dest:
      zone: "port3"
      addresses:
        - name: "pub_host_A"
          type: host
          ipv4: "7.7.7.1"
        - name: "pub_host_B"
          type: host
          ipv4: "7.7.7.2"
    services:
      - http
      - https
    rule:
      action: "permit"
      logging_init: false
      logging_close: true
      ips_sensor: "default"
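
A pre-flight lint for one entry of the rule schema above, added here as an example (it is not part of the role). It checks zones and addresses, flags services that have no entry in the per-platform map described under Service Match, and flags permit rules with both logging flags off. `lint_rule`, `SERVICE_MAP` and its contents, and `RULE_BAD` are assumptions made for the example.

```python
import ipaddress

# Hypothetical generic-to-platform service map standing in for one /vars file
# (constructed for this example; the role's real mappings are not on the page).
SERVICE_MAP = {"http": "HTTP", "https": "HTTPS"}

def lint_rule(rule, service_map=SERVICE_MAP):
    """Return findings for one fw_rules entry; an empty list means clean."""
    name, findings = rule.get("name", "<unnamed>"), []
    for side in ("src", "dest"):
        block = rule.get(side) or {}
        if not block.get("zone"):
            findings.append(f"{name}: {side} has no zone")
        if not block.get("addresses"):
            findings.append(f"{name}: {side} has no addresses")
        for addr in block.get("addresses") or []:
            try:  # assumption: each entry is a single host address, as in the sample
                ipaddress.IPv4Address(str(addr.get("ipv4")))
            except ValueError:
                findings.append(f"{name}: {side} address {addr.get('name')!r} has invalid ipv4")
    for svc in rule.get("services") or []:
        if svc not in service_map:
            findings.append(f"{name}: service {svc!r} has no platform mapping")
    policy = rule.get("rule") or {}
    logged = policy.get("logging_init") or policy.get("logging_close")
    if policy.get("action") == "permit" and not logged:
        findings.append(f"{name}: permit rule with no session logging")
    return findings

# The rule from the schema above, as the dict Ansible loads from the YAML.
RULE_C = {
    "name": "rule_C",
    "src": {"zone": "port2", "addresses": [{"name": "inside_host_D", "ipv4": "10.10.2.3"}]},
    "dest": {"zone": "port3", "addresses": [{"name": "pub_host_A", "type": "host", "ipv4": "7.7.7.1"},
                                            {"name": "pub_host_B", "type": "host", "ipv4": "7.7.7.2"}]},
    "services": ["http", "https"],
    "rule": {"action": "permit", "logging_init": False, "logging_close": True, "ips_sensor": "default"},
}
# Constructed faulty rule: bad octet, empty zone, unmapped service, no logging.
RULE_BAD = {
    "name": "rule_bad",
    "src": {"zone": "port2", "addresses": [{"name": "typo_host", "ipv4": "10.10.2.300"}]},
    "dest": {"zone": "", "addresses": [{"name": "pub_host_A", "ipv4": "7.7.7.1"}]},
    "services": ["http", "telnet"],
    "rule": {"action": "permit", "logging_init": False, "logging_close": False},
}
if __name__ == "__main__":
    for r in (RULE_C, RULE_BAD):
        print(r["name"], lint_rule(r) or "OK")
```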

About the Project

generic Firewall role for different platforms

Install

ansible-galaxy install maxrainer.firewall_generic

License

Unknown