Firewalld settings dont persist when service restarted.

Archives Ansible Project
1

I have the following code, which works fine with ansible. However i’ve noticed when i restart my firewall service, my settings appear to not persist. Any idea why? Ansible 2.7

Before service restart (with ansible configs applied) This is what i expect to see;

`

[root@driv-vch4-ha01 dhill]# firewall-cmd --get-active-zones
drop
interfaces: ens224
public
interfaces: ens192

</b> <b>

[root@driv-vch4-ha01 dhill]# systemctl restart firewalld
[root@driv-vch4-ha01 dhill]# firewall-cmd --get-active-zones
public
interfaces: ens192 ens224

`

  • name: Enable firewall service + start
    service:
    name: firewalld
    state: started
    enabled: yes

  • name: Put Customer interface into DROP zone
    firewalld:
    interface: “{{ vrrp_interface }}”
    zone: drop
    permanent: yes
    immediate: yes
    state: enabled

  • name: Allow http
    firewalld:
    service: http
    zone: drop
    permanent: yes
    immediate: yes
    state: enabled

  • name: Allow https
    firewalld:
    service: https
    zone: drop
    permanent: yes
    immediate: yes
    state: enabled

  • name: Allow https
    firewalld:
    service: https
    zone: drop
    permanent: yes
    immediate: yes
    state: enabled

  • name: Allow pings
    firewalld:
    rich_rule: rule family=“ipv4” protocol value=“icmp” accept
    zone: drop
    permanent: yes
    immediate: yes
    state: enabled

  • name: Open up Traefik dashboard on public zone.
    firewalld:
    port: 8080/tcp
    permanent: yes
    zone: public
    state: enabled
    immediate: yes