firewalld loop through services/ports/sources within zones

kingfisher77 · July 3, 2019, 9:52am

Hi, we aim for a scenario which seems to be not so easy achievable.

We would like to kind of reset/automate the setup of firewalld on CentOS7. With walking through defined zones setting services/ports/sources.

What we have so far:

FIREWALLD_ZONE_SERVICE:

SERVICES:

debug:
msg: “{{ item.0.ZONE }} {{ item.1.SERVICE }} {{ item.1.SERVICE_STATE }}”
loop: “{{ FIREWALLD_ZONE_SERVICE|subelements(‘SERVICES’)|list }}”

Works like expected. Each zone gets configured for all given services with the related state.

We would like to condense things further and loop through zones. Something like that:

FIREWALLD_ZONE_SERVICE:

How would the loop directive look like to loop through all zones looping through all services?

kingfisher77 · July 4, 2019, 7:24am

Solved it:

`
vars:
FIREWALLD_ZONE_SERVICE_CLEAR:
ZONES:

`

Strokes at ZONES and SERVICES were wrong. They are not lists.

`
task:

name: Debug FIREWALLD_ZONE_SERVICE
debug:
msg: “{{ item.0 }} {{ item.1.SERVICE }}/{{ item.1.STATE }}”
loop: “{{ FIREWALLD_ZONE_SERVICE.ZONES|product(FIREWALLD_ZONE_SERVICE.SERVICES)|list }}”
`

Topic		Replies	Views
Undefined variables and filter subelements Ansible Project	6	0	November 9, 2019
Firewalld settings dont persist when service restarted. Ansible Project	0	4	October 3, 2019
Firewalld module and check / diff modes Ansible Project	0	2	March 12, 2018
Ansible firewalld module question Ansible Project	0	0	January 16, 2020
Ansible & firewalld Part Two: "Avoiding losing the connection by changing the port before starting firewalld" and the joys of ansible_check_mode Ansible Project	0	3	May 14, 2016