ansible / ansible.builtin / v2.9.18 / module / win_firewall_rule Windows firewall automation | "added in version" 2.0 of ansible.builtin" Authors: Artem Zinenko (@ar7z1), Timothy Vandenbrande (@TimothyVandenbrande) preview | supported by communityansible.builtin.win_firewall_rule (v2.9.18) — module
pip
Install with pip install ansible==2.9.18
Allows you to create/remove/update firewall rules.
- name: Firewall rule to allow SMTP on TCP port 25 win_firewall_rule: name: SMTP localport: 25 action: allow direction: in protocol: tcp state: present enabled: yes
- name: Firewall rule to allow RDP on TCP port 3389 win_firewall_rule: name: Remote Desktop localport: 3389 action: allow direction: in protocol: tcp profiles: private state: present enabled: yes
- name: Firewall rule to be created for application group win_firewall_rule: name: SMTP group: application localport: 25 action: allow direction: in protocol: tcp state: present enabled: yes
- name: Firewall rule to allow port range win_firewall_rule: name: Sample port range localport: 5000-5010 action: allow direction: in protocol: tcp state: present enabled: yes
- name: Firewall rule to allow ICMP v4 (ping) win_firewall_rule: name: ICMP Allow incoming V4 echo request enabled: yes state: present profiles: private action: allow direction: in protocol: icmpv4
name: description: - The rule's display name. required: true type: str group: description: - The group name for the rule. type: str version_added: '2.9' version_added_collection: ansible.builtin state: choices: - absent - present default: present description: - Should this rule be added or removed. type: str action: choices: - allow - block description: - What to do with the items this rule is for. - Defaults to C(allow) when creating a new rule. type: str enabled: aliases: - enable description: - Whether this firewall rule is enabled or disabled. - Defaults to C(true) when creating a new rule. type: bool localip: description: - The local ip address this rule applies to. - Set to C(any) to apply to all local ip addresses. - Defaults to C(any) when creating a new rule. type: str program: description: - The program this rule applies to. - Set to C(any) to apply to all programs. - Defaults to C(any) when creating a new rule. type: str service: description: - The service this rule applies to. - Set to C(any) to apply to all services. - Defaults to C(any) when creating a new rule. type: str profiles: aliases: - profile description: - The profile this rule applies to. - Defaults to C(domain,private,public) when creating a new rule. type: list protocol: description: - The protocol this rule applies to. - Set to C(any) to apply to all services. - Defaults to C(any) when creating a new rule. type: str remoteip: description: - The remote ip address/range this rule applies to. - Set to C(any) to apply to all remote ip addresses. - Defaults to C(any) when creating a new rule. type: str direction: choices: - in - out description: - Whether this rule is for inbound or outbound traffic. - Defaults to C(in) when creating a new rule. type: str localport: description: - The local port this rule applies to. - Set to C(any) to apply to all local ports. - Defaults to C(any) when creating a new rule. - Must have I(protocol) set type: str remoteport: description: - The remote port this rule applies to. - Set to C(any) to apply to all remote ports. - Defaults to C(any) when creating a new rule. - Must have I(protocol) set type: str description: description: - Description for the firewall rule. type: str