kris/vagrant-easyredmine
1
0
Fork 0
mirror of https://github.com/krislamo/vagrant-easyredmine synced 2025-09-09 14:09:29 +00:00
Code Issues Releases Wiki Activity

firewalld block icmp timestamp responses

Browse Source
This commit is contained in:
Mark Heiges
2016-04-26 11:20:52 -04:00
parent e68b778711
commit 29e63763cd
3 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
roles/easyredmine/tasks/firewall.yml
View File

@@ -35,6 +35,26 @@
notify: restart firewalld
when: is_production_vm == True
- name: define new icmp types for timestamp responses
copy: dest='/etc/firewalld/icmptypes/{{ item }}.xml'
src='{{ item }}.xml'
sudo: yes
with_items:
- timestamp-reply
- timestamp-request
- name: load new icmp types for timestamp responses
command: firewall-cmd --reload
sudo: yes
- name: disable icmp timestamp responses
command: firewall-cmd --permanent --zone=public --add-icmp-block={{ item }}
sudo: yes
with_items:
- timestamp-reply
- timestamp-request
notify: restart firewalld
- name: restart firewalld
service: name=firewalld
state=restarted