2015-11-18 23:02:49 +00:00
|
|
|
|
|
|
|
- service: name=firewalld
|
|
|
|
state=started
|
2015-11-30 15:08:24 +00:00
|
|
|
enabled=yes
|
2015-11-18 23:02:49 +00:00
|
|
|
sudo: yes
|
|
|
|
|
|
|
|
- firewalld: service=https
|
|
|
|
permanent=true
|
|
|
|
state=enabled
|
|
|
|
sudo: yes
|
|
|
|
notify: restart firewalld
|
|
|
|
|
|
|
|
- firewalld: service=http
|
|
|
|
permanent=true
|
|
|
|
state=enabled
|
|
|
|
sudo: yes
|
|
|
|
notify: restart firewalld
|
2015-11-30 15:08:24 +00:00
|
|
|
|
|
|
|
- firewalld: rich_rule='rule service name="ssh" family="ipv4" source address="{{ item }}" accept'
|
|
|
|
permanent=true
|
|
|
|
state=enabled
|
|
|
|
with_items:
|
|
|
|
- 128.192.75.0/24
|
|
|
|
- 192.168.0.0/16
|
|
|
|
- 172.16.0.0/16
|
|
|
|
- 128.91.49.0/24
|
|
|
|
sudo: yes
|
|
|
|
notify: restart firewalld
|
2015-12-27 21:20:23 +00:00
|
|
|
when: is_production_vm == True
|
2015-11-30 15:08:24 +00:00
|
|
|
|
|
|
|
- firewalld: service=ssh
|
|
|
|
permanent=true
|
|
|
|
state=disabled
|
|
|
|
sudo: yes
|
|
|
|
notify: restart firewalld
|
2015-12-27 21:20:23 +00:00
|
|
|
when: is_production_vm == True
|
2015-11-30 15:08:24 +00:00
|
|
|
|
|
|
|
- name: restart firewalld
|
|
|
|
service: name=firewalld
|
|
|
|
state=restarted
|
|
|
|
sudo: yes
|