win_firewall_rule – Windows firewall automation
Synopsis
- Allows you to create/remove/update firewall rules.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
action
string
|
|
What to do with the items this rule is for.
Defaults to
allow when creating a new rule.
|
description
string
|
Description for the firewall rule.
|
|
direction
string
|
|
Whether this rule is for inbound or outbound traffic.
Defaults to
in when creating a new rule.
|
enabled
boolean
|
|
Whether this firewall rule is enabled or disabled.
Defaults to
true when creating a new rule.
aliases: enable |
group
string
added in 2.9
|
The group name for the rule.
|
|
localip
string
|
The local ip address this rule applies to.
Set to
any to apply to all local ip addresses.
Defaults to
any when creating a new rule.
|
|
localport
string
|
The local port this rule applies to.
Set to
any to apply to all local ports.
Defaults to
any when creating a new rule.
Must have
protocol set
|
|
name
string /
required
|
The rule's display name.
|
|
profiles
list
|
The profile this rule applies to.
Defaults to
domain,private,public when creating a new rule.
aliases: profile |
|
program
string
|
The program this rule applies to.
Set to
any to apply to all programs.
Defaults to
any when creating a new rule.
|
|
protocol
string
|
The protocol this rule applies to.
Set to
any to apply to all services.
Defaults to
any when creating a new rule.
|
|
remoteip
string
|
The remote ip address/range this rule applies to.
Set to
any to apply to all remote ip addresses.
Defaults to
any when creating a new rule.
|
|
remoteport
string
|
The remote port this rule applies to.
Set to
any to apply to all remote ports.
Defaults to
any when creating a new rule.
Must have
protocol set
|
|
service
string
|
The service this rule applies to.
Set to
any to apply to all services.
Defaults to
any when creating a new rule.
|
|
state
string
|
|
Should this rule be added or removed.
|
See Also
See also
- win_firewall – Enable or disable the Windows Firewall
- The official documentation on the win_firewall module.
Examples
- name: Firewall rule to allow SMTP on TCP port 25 win_firewall_rule: name: SMTP localport: 25 action: allow direction: in protocol: tcp state: present enabled: yes - name: Firewall rule to allow RDP on TCP port 3389 win_firewall_rule: name: Remote Desktop localport: 3389 action: allow direction: in protocol: tcp profiles: private state: present enabled: yes - name: Firewall rule to be created for application group win_firewall_rule: name: SMTP group: application localport: 25 action: allow direction: in protocol: tcp state: present enabled: yes - name: Firewall rule to allow port range win_firewall_rule: name: Sample port range localport: 5000-5010 action: allow direction: in protocol: tcp state: present enabled: yes - name: Firewall rule to allow ICMP v4 (ping) win_firewall_rule: name: ICMP Allow incoming V4 echo request enabled: yes state: present profiles: private action: allow direction: in protocol: icmpv4
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Artem Zinenko (@ar7z1)
- Timothy Vandenbrande (@TimothyVandenbrande)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/win_firewall_rule_module.html