# Adds one ACCEPT rule to the INPUT chain for every entry in the `firewall`
# list. Each entry is read for three attributes: `port`, `proto` and `ipv`.
#
# NOTE(review): the rule sets no `source`, so each listed port is accepted
# from any address. These are ACCEPT rules only; they restrict nothing
# unless the INPUT policy (or a later rule) drops unmatched traffic.
# Confirm that is configured elsewhere.
- name: Add firewall rules
  iptables:
    chain: INPUT
    protocol: "{{ item.proto }}"
    destination_port: "{{ item.port }}"
    # `ipv` is appended to the literal "ip"; presumably it holds "v4" or
    # "v6" - verify against the definition of `firewall`.
    ip_version: "ip{{ item.ipv }}"
    # Matches new connections as well as packets of tracked ones.
    ctstate: [NEW, ESTABLISHED, RELATED]
    jump: ACCEPT
  loop: "{{ firewall }}"
  tags: [firewall]

# Runs `netfilter-persistent save` so the loaded rules survive a reboot.
# The command is given as an argv list with an absolute path, so no shell
# parses it and PATH lookup is not involved.
#
# NOTE(review): there is no `changed_when` or condition, so this task runs
# and reports "changed" on every play. It presumably saves the whole live
# ruleset, including rules this play did not create - confirm that is
# intended.
- name: Save netfilter rules
  command:
    argv: ["/usr/sbin/netfilter-persistent", "save"]
  tags: [firewall]