This Role is No Longer Supported: Please use the version in the oasis_roles.system Ansible Collection

firewalld

This role helps with managing the firewalld service, which allows for basic port forwarding and creating holes in the firewall. It's designed to support applications that use OASIS roles and provides a simple interface for Ansible's firewalld module.

Requirements

• Ansible version 2.4 or higher
• Red Hat Enterprise Linux 7 or similar
• Valid Red Hat subscriptions

Role Variables

The role currently supports the following variables:

General

• firewalld_zone - the firewall zone for all rules
• firewalld_ports_open - ports that should always be open (for both IPv4 and IPv6) in the specified firewall zone
• firewalld_services - a list of named services that firewalld should enable
• firewalld_ports_forward - settings to permanently forward local ports (for IPv4 and IPv6) in the specified zone, like TCP 80 to 8080 for web applications
• firewalld_become - use Ansible's "become" feature for necessary permissions to manage the firewall

Dependencies

None

Example Playbook

- hosts: firewalld-servers
  roles:
    - role: firewalld
      firewalld_zone: public
      firewalld_ports_open:
        - proto: tcp
          port: 8080
        - proto: udp
          port: 9990-9999
      firewalld_services:
        - ssh
      firewalld_ports_forward:
        - proto: tcp
          port: 80
          to_port: 8080
      firewalld_become: true

License

GPLv3

Author Information

David Roble droble@redhat.com