Author: Adam Miller <maxamillion@fedoraproject.org>
New in version 1.4.
This module allows for the addition or deletion of services and ports, either TCP or UDP, in either the running or the permanent firewalld rules.
parameter | required | default | choices | comments |
---|---|---|---|---|
permanent | yes | True | | Should this configuration be in the running firewalld configuration or persist across reboots |
port | no | | | Name of a port to add/remove to/from firewalld; must be in the form PORT/PROTOCOL |
rich_rule | no | | | Rich rule to add/remove to/from firewalld |
service | no | | | Name of a service to add/remove to/from firewalld - service must be listed in /etc/services |
state | yes | enabled | | Should this port accept(enabled) or reject(disabled) connections |
timeout | no | | | The amount of time the rule should be in effect for when non-permanent |
zone | no | system-default(public) | | The firewalld zone to add/remove to/from (NOTE: default zone can be configured per system but "public" is default from upstream. Available choices can be extended based on per-system configs, listed here are "out of the box" defaults). |
Note
Requires firewalld >= 0.2.11
```yaml
- firewalld: service=https permanent=true state=enabled
- firewalld: port=8081/tcp permanent=true state=disabled
- firewalld: zone=dmz service=http permanent=true state=enabled
- firewalld: rich_rule='rule service name="ftp" audit limit value="1/m" accept' permanent=true state=enabled
```
Note
Not tested on any Debian-based system.
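A pre-flight lint for firewalld task lines, checking them against the constraints in the parameter table before a playbook changes a host's firewall. This is an added example, not part of the module or its documentation; `parse_task`, `lint`, the accepted boolean spellings and the single-numeric-port check are assumptions of this sketch.

```python
import shlex

KNOWN = {"permanent", "port", "rich_rule", "service", "state", "timeout", "zone"}

def parse_task(line):
    """Split 'firewalld: k=v ...' into a dict; shlex keeps a quoted rich_rule whole."""
    _, _, rest = line.partition("firewalld:")
    args = {}
    for token in shlex.split(rest):
        key, sep, value = token.partition("=")
        if not sep:
            raise ValueError("not key=value: %r" % token)
        args[key] = value
    return args

def lint(line):
    """Return a list of problems found in one firewalld task line."""
    args = parse_task(line)
    problems = ["unknown parameter: " + k for k in sorted(set(args) - KNOWN)]
    for required in ("permanent", "state"):
        if required not in args:
            problems.append("missing required parameter: " + required)
    if "state" in args and args["state"] not in ("enabled", "disabled"):
        problems.append("state must be enabled or disabled")
    permanent = args.get("permanent", "").lower()
    if "permanent" in args and permanent not in ("true", "false", "yes", "no"):
        problems.append("permanent must be a boolean")  # assumed spellings
    if "port" in args:  # assumption: single numeric port only
        number, sep, proto = args["port"].partition("/")
        if not (sep and number.isdecimal() and 1 <= int(number) <= 65535):
            problems.append("port must be PORT/PROTOCOL with PORT in 1-65535")
        elif proto not in ("tcp", "udp"):
            problems.append("protocol must be tcp or udp")
    if "timeout" in args and permanent in ("true", "yes"):
        problems.append("timeout only applies to non-permanent rules")
    if not {"port", "service", "rich_rule"} & set(args):
        problems.append("no port, service or rich_rule given")
    return problems

# Constructed samples: two taken from the examples above, two deliberately wrong.
SAMPLES = [
    "- firewalld: service=https permanent=true state=enabled",
    "- firewalld: rich_rule='rule service name=\"ftp\" audit limit value=\"1/m\" accept' permanent=true state=enabled",
    "- firewalld: port=8081 permanent=true state=disable",
    "- firewalld: port=8081/tcp permanent=true timeout=300 state=enabled",
]
if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", lint(sample) or "ok")
```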