ansible.posix.firewalld_info (1.5.4) — module

Gather information about firewalld

Authors: Hideki Saito (@saito-hideki)

Install collection

Install with ansible-galaxy collection install ansible.posix:==1.5.4


Add to requirements.yml

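  collections:
    # Exact version pin, so installs are reproducible. The version is quoted so
    # that it is always read as a string, whatever its shape.
    - name: ansible.posix
      version: "1.5.4"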

Description

This module gathers information about firewalld rules.


Requirements

Usage examples

# Gather information about the active zones only and keep the module output
# in `result` for later tasks.
- name: Gather information about active zones
  ansible.posix.firewalld_info:
    active_zones: true
  register: result
# Reads the registered `result` from a preceding firewalld_info task;
# firewalld_info.default_zone is the name of the default zone (a string).
- name: Print default zone for debugging
  ansible.builtin.debug:
    var: result.firewalld_info.default_zone
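- name: Gather information about specific zones
  ansible.posix.firewalld_info:
    # `zones` only takes effect when active_zones is false. That is the
    # default, but it is stated here so the dependency is visible.
    active_zones: false
    zones:
      - public
      - external
      - internal
  register: result

# Requested zone names that are undefined are not an error: they are returned
# in undefined_zones and ignored during gathering. For an audit, a misspelled
# zone name would otherwise go unnoticed, so fail loudly instead.
- name: Fail if any requested zone was undefined and therefore skipped
  ansible.builtin.assert:
    that:
      - result.undefined_zones | length == 0
    fail_msg: "Undefined zones were skipped: {{ result.undefined_zones | join(', ') }}"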

Inputs

    
zones:
    description:
    - Gather information about specific zones.
    - It only works if C(active_zones) is set to C(false).
    elements: str
    required: false
    type: list

active_zones:
    default: false
    description: Gather information about active zones.
    type: bool

Outputs

active_zones:
  description:
  - Gather active zones only if it is set to C(true).
  returned: success
  sample: false
  type: bool
collected_zones:
  description:
  - A list of collected zones.
  returned: success
  sample:
  - external
  - internal
  type: list
firewalld_info:
  contains:
    default_zone:
      description:
      - The name of the default zone.
      returned: success
      sample: public
      type: str
    version:
      description:
      - The version information of firewalld.
      returned: success
      sample: 0.8.2
      type: str
    zones:
      contains:
        zone:
          contains:
            forward:
              description:
              - The network interface forwarding.
              - This parameter is supported on python-firewall 0.9.0 (or later) and is
                not collected in earlier versions.
              returned: success
              sample: false
              type: bool
            forward_ports:
              description:
              - A list of forwarding port pair with protocol.
              returned: success
              # NOTE(review): this sample is identical to the one given for
              # `protocols` and does not show port/protocol pairs; confirm the
              # real shape against actual module output before relying on it.
              sample:
              - icmp
              - ipv6-icmp
              type: list
            icmp_block_inversion:
              description:
              - The ICMP block inversion to block all ICMP requests.
              returned: success
              sample: false
              type: bool
            icmp_blocks:
              description:
              - A list of blocking icmp protocol.
              returned: success
              sample:
              - echo-request
              type: list
            interfaces:
              description:
              - A list of network interfaces.
              returned: success
              sample:
              - eth0
              - eth1
              type: list
            masquerade:
              description:
              - The network interface masquerading.
              returned: success
              sample: false
              type: bool
            ports:
              description:
              - A list of network port with protocol.
              returned: success
              sample:
              - - '22'
                - tcp
              - - '80'
                - tcp
              type: list
            protocols:
              description:
              - A list of network protocol.
              returned: success
              sample:
              - icmp
              - ipv6-icmp
              type: list
            rich_rules:
              description:
              - A list of rich language rule.
              returned: success
              sample:
              - rule protocol value="icmp" reject
              - rule priority="32767" reject
              type: list
            services:
              description:
              - A list of network services.
              returned: success
              sample:
              - dhcp
              - dns
              - ssh
              type: list
            source_ports:
              description:
              - A list of network source port with protocol.
              returned: success
              sample:
              - - '30000'
                - tcp
              - - '30001'
                - tcp
              type: list
            sources:
              description:
              - A list of source network address.
              returned: success
              sample:
              - 172.16.30.0/24
              - 172.16.31.0/24
              type: list
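            target:
              # The original text ("A list of services in the zone.") duplicated
              # the `services` entry and contradicted the str type and the
              # ACCEPT sample below.
              # Audit note: a zone whose target is ACCEPT accepts packets that
              # match none of its rules, so review such zones carefully.
              description:
              - The target of the zone, i.e. the action applied to packets that
                do not match any rule in the zone.
              returned: success
              sample: ACCEPT
              type: str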
          description:
          - The zone name registered in firewalld.
          returned: success
          sample: external
          type: complex
      description:
      - A dict of zones to gather information.
      returned: success
      type: complex
  description:
  - Returns various information about firewalld configuration.
  returned: success
  type: complex
undefined_zones:
  description:
  - A list of the undefined zones given in the C(zones) option.
  - Zones listed in C(undefined_zones) are ignored during the gathering process.
  returned: success
  sample:
  - foo
  - bar
  type: list