commit f6a2053355

Author: Robert Kaussow <mail@thegeeklab.de> Date: Mon Jun 13 22:18:21 2022 +0200 fix configuration templates
2022-06-14 06:36:47 +00:00 · 2022-06-14 06:36:47 +00:00 · 074eb22b8e
commit 074eb22b8e
parent 0d78e39f21
1 changed files with 150 additions and 0 deletions
--- a/index.md
+++ b/index.md
@ -0,0 +1,150 @@
 ---
 title: firewalld
 type: docs
 ---
 [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.firewalld) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.firewalld?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.firewalld) [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.firewalld/src/branch/main/LICENSE)
 Setup and configure host firewall with firewalld.
 <!--more-->
 - [Default Variables](#default-variables)
  - [firewalld_allow_zone_drifting](#firewalld_allow_zone_drifting)
  - [firewalld_default_zone](#firewalld_default_zone)
  - [firewalld_ipsets](#firewalld_ipsets)
  - [firewalld_services](#firewalld_services)
  - [firewalld_zones](#firewalld_zones)
 - [Dependencies](#dependencies)
 ---
 ## Default Variables
 ### firewalld_allow_zone_drifting
 #### Default value
 ```YAML
 firewalld_allow_zone_drifting: false
 ```
 ### firewalld_default_zone
 #### Default value
 ```YAML
 firewalld_default_zone: public
 ```
 ### firewalld_ipsets
 A firewalld ipset configuration provides the information of an ip set for firewalld.
 #### Default value
 ```YAML
 firewalld_ipsets: []
 ```
 #### Example usage
 ```YAML
 firewalld_ipsets:
    - name: appserver
      type: "hash:net"
      short: "App Servers"
      description: "Allow http access from all appservers"
      option: {}
      entry:
        - 192.168.2.1
        - 192.168.2.2
 ```
 ### firewalld_services
 #### Default value
 ```YAML
 firewalld_services: []
 ```
 ### firewalld_zones
 #### Default value
 ```YAML
 firewalld_zones: []
 ```
 #### Example usage
 ```YAML
 firewalld_zones:
  - name: ""
    short: ""
    description: ""
    target: ""
    interface:
      - name: ""
    source:
      - address: ""
      - mac: ""
      - ipset: ""
    service:
      - name: ""
    port:
      - { port: "", protocol: "" }
    protocol:
      - value:
    icmp-block:
      - name:
    icmp-block-inversion: true
    masquerade: true
    forward-port:
      - { port: "", protocol: "" }
    source-port:
      - { port: "", protocol: "" }
    rule:
      - source: { address: "", mac: "", ipset: ""}
        destination: { address: "", mac: "", ipset: ""}
        service: {name: ""}
        port: {port: "", protocol: ""}
        protocol: {value: ""}
        icmp-block:
          name: ""
        icmp-type:
          name: ""
        masquerade: true
        forward-port:
          port: ""
          protocol: ""
          to-port: ""
          to-addr: ""
        source-port:
          port: ""
          protocol: ""
        log:
          prefix: ""
          level: ""
          limit: ""
        audit:
          limit: ""
        accept:
          limit: ""
        reject:
          rejecttype: ""
          limit: ""
        drop:
          limit: ""
        mark:
          set:
          limit: ""
 end
 ```
 ## Dependencies
 None.