geerlingguy / ansible-role-firewall

Ansible Role - iptables Firewall configuration.
https://galaxy.ansible.com/geerlingguy/firewall/
MIT License

Allow subsequent addition of rules by introducing /etc/firewall.bash.d/ #94

Closed katomaso closed 1 year ago

katomaso commented 1 year ago

Currently, there is no way of adding rules once they have been defined. This PR adds /etc/firewall.bash.d/ with user-defined rules. A new variable, firewall_group, was introduced to distinguish between different "groups" of rules. The default group is called "default". The code should still be 100% compatible.

Example usage in a random tasks file:

- name: Allow firewall ports
  become: true
  vars:
    firewall_group: my app
    firewall_allowed_tcp_ports:
    - 8989
    firewall_allowed_udp_ports:
    - 8990
  ansible.builtin.import_role:
    name: geerlingguy.firewall
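
Rule files dropped into /etc/firewall.bash.d/ would run with root privileges whenever the firewall script runs, so a loader should check ownership and permissions before sourcing them. The loader below is an added example, not code from this PR or the role; the `<group>.bash` file naming, the sourcing mechanism and all function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the PR): source per-group rule files from a
# drop-in directory only when they cannot have been modified by anyone
# other than the user running the firewall script (root in production).
# Assumption: one file per firewall_group, named <group>.bash.

# True when neither group nor others can write to the path.
only_owner_writable() {
  [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# True for a regular, non-symlink file owned by the current user that
# only its owner can write to.
rule_file_is_trusted() {
  [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] && only_owner_writable "$1"
}

# Source every trusted *.bash file in the directory, in sorted glob order.
# Untrusted files are skipped with a message on stderr; an untrusted
# directory aborts the load with a non-zero status.
load_rule_groups() {
  _rg_dir=$1
  if ! { [ -d "$_rg_dir" ] && [ -O "$_rg_dir" ] && only_owner_writable "$_rg_dir"; }; then
    echo "refusing untrusted rule directory: $_rg_dir" >&2
    return 1
  fi
  for _rg_file in "$_rg_dir"/*.bash; do
    [ -e "$_rg_file" ] || continue          # empty glob or dangling symlink
    if rule_file_is_trusted "$_rg_file"; then
      # Quoting matters: a group such as "my app" yields "my app.bash".
      . "$_rg_file"
    else
      echo "skipped untrusted rule file: $_rg_file" >&2
    fi
  done
}

# Usage inside the main firewall script (path taken from the PR title):
#   load_rule_groups /etc/firewall.bash.d || exit 1
```
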

katomaso commented 1 year ago

Hi @geerlingguy, what do you think of this? Is this something you would be interested in merging?

katomaso commented 1 year ago

I will repoint the MR to a stable branch - I added a bunch of stuff into master