ansible.posix.firewalld_info – Gather information about firewalld
Note
This plugin is part of the ansible.posix collection (version 1.3.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install ansible.posix.
To use it in a playbook, specify: ansible.posix.firewalld_info.
Synopsis
- This module gathers information about firewalld rules.
Requirements
The below requirements are needed on the host that executes this module.
- firewalld >= 0.2.11
- python-firewall
- python-dbus
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
active_zones (boolean) | | Gather information about active zones. |
zones (list / elements=string) | | Gather information about specific zones. It only works if active_zones is set to false. |
Examples
- name: Gather information about active zones
  ansible.posix.firewalld_info:
    active_zones: yes

- name: Gather information about specific zones
  ansible.posix.firewalld_info:
    zones:
      - public
      - external
      - internal
Return Values
Common return values are documented here; the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
active_zones (boolean) | success | Gather active zones only if it is set to true. |
collected_zones (list / elements=string) | success | A list of collected zones. Sample: ['external', 'internal'] |
firewalld_info (complex) | success | Returns various information about firewalld configuration. |
default_zones (string) | success | The zone name of the default zone. Sample: public |
version (string) | success | The version information of firewalld. Sample: 0.8.2 |
zones (complex) | success | A dict of zones to gather information. |
zone (complex) | success | The zone name registered in firewalld. Sample: external |
forward (boolean) | success | The network interface forwarding. This parameter is supported on python-firewall 0.9.0 (or later) and is not collected in earlier versions. |
forward_ports (list / elements=string) | success | A list of forwarding port pairs with protocol. Sample: ['icmp', 'ipv6-icmp'] |
icmp_block_inversion (boolean) | success | The ICMP block inversion to block all ICMP requests. |
icmp_blocks (list / elements=string) | success | A list of blocked ICMP protocols. Sample: ['echo-request'] |
interfaces (list / elements=string) | success | A list of network interfaces. Sample: ['eth0', 'eth1'] |
masquerade (boolean) | success | The network interface masquerading. |
ports (list / elements=string) | success | A list of network ports with protocol. Sample: [['22', 'tcp'], ['80', 'tcp']] |
protocols (list / elements=string) | success | A list of network protocols. Sample: ['icmp', 'ipv6-icmp'] |
rich_rules (list / elements=string) | success | A list of rich language rules. Sample: ['rule protocol value="icmp" reject', 'rule priority="32767" reject'] |
services (list / elements=string) | success | A list of network services. Sample: ['dhcp', 'dns', 'ssh'] |
source_ports (list / elements=string) | success | A list of network source ports with protocol. Sample: [['30000', 'tcp'], ['30001', 'tcp']] |
sources (list / elements=string) | success | A list of source network addresses. Sample: ['172.16.30.0/24', '172.16.31.0/24'] |
target (string) | success | A list of services in the zone. Sample: ACCEPT |
undefined_zones (list / elements=string) | success | A list of undefined zones in the zones option. undefined_zones will be ignored in the gathering process. Sample: ['foo', 'bar'] |
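The following playbook is an added example, not part of the module's own documentation. It registers the module result and checks it against a per-zone service allow-list. The allowed_services baseline, its zone names and the use of become are assumptions made for illustration, and the playbook assumes per-zone details are returned under firewalld_info.zones keyed by zone name.

```yaml
# Added example: audit firewalld zones against a constructed baseline.
- name: Audit firewalld zones against an allow-list
  hosts: all
  become: true          # assumption: querying firewalld needs elevated privileges
  gather_facts: false
  vars:
    # Constructed baseline (assumption): services permitted in each zone.
    allowed_services:
      public: [ssh, dhcpv6-client]
      internal: [ssh, dns]
  tasks:
    - name: Gather information about the baseline zones
      ansible.posix.firewalld_info:
        zones: "{{ allowed_services.keys() | list }}"
      register: fw

    # Zones named in the baseline but unknown to firewalld are skipped by the
    # module, so surface them instead of silently auditing fewer zones.
    - name: Fail if a baseline zone is not defined on the host
      ansible.builtin.assert:
        that: fw.undefined_zones | default([]) | length == 0
        fail_msg: "Zones not defined in firewalld: {{ fw.undefined_zones | default([]) }}"

    # Assumption: each entry of firewalld_info.zones is keyed by zone name and
    # carries the services, target and masquerade fields listed above.
    - name: Fail if a zone drifts from the baseline
      ansible.builtin.assert:
        that:
          - unexpected | length == 0
          - item.value.target != 'ACCEPT'
          - not item.value.masquerade
        fail_msg: >-
          Zone {{ item.key }}: unexpected services {{ unexpected }},
          target {{ item.value.target }}, masquerade {{ item.value.masquerade }}
      vars:
        unexpected: "{{ item.value.services | difference(allowed_services[item.key]) }}"
      loop: "{{ fw.firewalld_info.zones | dict2items }}"
      loop_control:
        label: "{{ item.key }}"
```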
Authors
- Hideki Saito (@saito-hideki)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/ansible/posix/firewalld_info_module.html