From 4f9b26e8af5890b7960291497020586426e7f1fc Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 19 Jul 2017 08:51:14 -0400 Subject: First attempt at refactor of os_firewall --- roles/os_firewall/tasks/firewall/firewalld.yml | 16 ---------------- roles/os_firewall/tasks/firewall/iptables.yml | 16 ---------------- 2 files changed, 32 deletions(-) (limited to 'roles/os_firewall/tasks') diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index 509655b0c..2cc7af478 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -49,19 +49,3 @@ until: pkaction.rc == 0 retries: 6 delay: 10 - -- name: Add firewalld allow rules - firewalld: - port: "{{ item.port }}" - permanent: true - immediate: true - state: enabled - with_items: "{{ os_firewall_allow }}" - -- name: Remove firewalld allow rules - firewalld: - port: "{{ item.port }}" - permanent: true - immediate: true - state: disabled - with_items: "{{ os_firewall_deny }}" diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml index 55f2fc471..ccb3c4713 100644 --- a/roles/os_firewall/tasks/firewall/iptables.yml +++ b/roles/os_firewall/tasks/firewall/iptables.yml @@ -33,19 +33,3 @@ - name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail pause: seconds=10 when: result | changed - -- name: Add iptables allow rules - os_firewall_manage_iptables: - name: "{{ item.service }}" - action: add - protocol: "{{ item.port.split('/')[1] }}" - port: "{{ item.port.split('/')[0] }}" - with_items: "{{ os_firewall_allow }}" - -- name: Remove iptables rules - os_firewall_manage_iptables: - name: "{{ item.service }}" - action: remove - protocol: "{{ item.port.split('/')[1] }}" - port: "{{ item.port.split('/')[0] }}" - with_items: "{{ os_firewall_deny }}" -- cgit v1.2.1