| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- ---
- - when: os_firewall_enabled | bool and not os_firewall_use_firewalld | bool
- block:
- - name: Add iptables allow rules
- os_firewall_manage_iptables:
- name: "{{ item.service }}"
- action: add
- protocol: "{{ item.port.split('/')[1] }}"
- port: "{{ item.port.split('/')[0] }}"
- when: item.cond
- with_items: "{{ r_nuage_node_os_firewall_allow }}"
- - name: Remove iptables rules
- os_firewall_manage_iptables:
- name: "{{ item.service }}"
- action: remove
- protocol: "{{ item.port.split('/')[1] }}"
- port: "{{ item.port.split('/')[0] }}"
- when: item.cond
- with_items: "{{ r_nuage_node_os_firewall_deny }}"
- - when: os_firewall_enabled | bool and os_firewall_use_firewalld | bool
- block:
- - name: Add firewalld allow rules
- firewalld:
- port: "{{ item.port }}"
- permanent: true
- immediate: true
- state: enabled
- when: item.cond
- with_items: "{{ r_nuage_node_os_firewall_allow }}"
- - name: Remove firewalld allow rules
- firewalld:
- port: "{{ item.port }}"
- permanent: true
- immediate: true
- state: disabled
- when: item.cond
- with_items: "{{ r_nuage_node_os_firewall_deny }}"
|
