Try SpotterWindows firewall automation
| "added in version" 2.0 of ansible.builtin"
Authors: Artem Zinenko (@ar7z1), Timothy Vandenbrande (@TimothyVandenbrande)
preview | supported by community
pipInstall with pip install ansible==2.7.7
Allows you to create/remove/update firewall rules.
- name: Firewall rule to allow SMTP on TCP port 25
win_firewall_rule:
name: SMTP
localport: 25
action: allow
direction: in
protocol: tcp
state: present
enabled: yes
- name: Firewall rule to allow RDP on TCP port 3389
win_firewall_rule:
name: Remote Desktop
localport: 3389
action: allow
direction: in
protocol: tcp
profiles: private
state: present
enabled: yes
name:
description:
- The rules name
required: true
force:
default: 'no'
description:
- Replace any existing rule by removing it first.
- This is no longer required in 2.4 as rules no longer need replacing when being modified.
- DEPRECATED in 2.4 and will be removed in 2.9.
type: bool
state:
choices:
- absent
- present
default: present
description:
- Should this rule be added or removed.
action:
choices:
- allow
- block
description:
- What to do with the items this rule is for.
required: true
enabled:
aliases:
- enable
default: 'yes'
description:
- Is this firewall rule enabled or disabled.
type: bool
localip:
default: any
description:
- The local ip address this rule applies to.
program:
description:
- The program this rule applies to.
service:
description:
- The service this rule applies to.
profiles:
aliases:
- profile
default: domain,private,public
description:
- The profile this rule applies to.
type: list
protocol:
default: any
description:
- The protocol this rule applies to.
remoteip:
default: any
description:
- The remote ip address/range this rule applies to.
direction:
choices:
- in
- out
description:
- Is this rule for inbound or outbound traffic.
required: true
localport:
description:
- The local port this rule applies to.
remoteport:
description:
- The remote port this rule applies to.
description:
description:
- Description for the firewall rule.