---
firewalld_default_zone: public
firewalld_allow_zone_drifting: False

# @var firewalld_ipsets:description: A firewalld ipset configuration provides the information of an ip set for firewalld.
# @var firewalld_ipsets:example: >
# firewalld_ipsets:
#     - name: appserver
#       type: "hash:net"
#       short: "App Servers"
#       description: "Allow http access from all appservers"
#       option: {}
#       entry:
#         - 192.168.2.1
#         - 192.168.2.2
# @end
firewalld_ipsets: []

firewalld_services: []

# @var firewalld_zones:example: >
# firewalld_zones:
#   - name: ""
#     short: ""
#     description: ""
#     target: ""
#     interface:
#       - name: ""
#     source:
#       - address: ""
#       - mac: ""
#       - ipset: ""
#     service:
#       - name: ""
#     port:
#       - { port: "", protocol: "" }
#     protocol:
#       - value:
#     icmp-block:
#       - name:
#     icmp-block-inversion: true
#     masquerade: true
#     forward-port:
#       - { port: "", protocol: "" }
#     source-port:
#       - { port: "", protocol: "" }
#     rule:
#       - source: { address: "", mac: "", ipset: ""}
#         destination: { address: "", mac: "", ipset: ""}
#         service: {name: ""}
#         port: {port: "", protocol: ""}
#         protocol: {value: ""}
#         icmp-block:
#           name: ""
#         icmp-type:
#           name: ""
#         masquerade: true
#         forward-port:
#           port: ""
#           protocol: ""
#           to-port: ""
#           to-addr: ""
#         source-port:
#           port: ""
#           protocol: ""
#         log:
#           prefix: ""
#           level: ""
#           limit: ""
#         audit:
#           limit: ""
#         accept:
#           limit: ""
#         reject:
#           rejecttype: ""
#           limit: ""
#         drop:
#           limit: ""
#         mark:
#           set:
#           limit: ""
# end
firewalld_zones: []