84 lines
1.9 KiB
YAML
84 lines
1.9 KiB
YAML
---
|
|
firewalld_default_zone: public
|
|
firewalld_allow_zone_drifting: False
|
|
|
|
# @var firewalld_ipsets:description: A firewalld ipset configuration provides the information of an ip set for firewalld.
|
|
# @var firewalld_ipsets:example: >
|
|
# firewalld_ipsets:
|
|
# - name: appserver
|
|
# type: "hash:net"
|
|
# short: "App Servers"
|
|
# description: "Allow http access from all appservers"
|
|
# option: {}
|
|
# entry:
|
|
# - 192.168.2.1
|
|
# - 192.168.2.2
|
|
# @end
|
|
firewalld_ipsets: []
|
|
|
|
firewalld_services: []
|
|
|
|
# @var firewalld_zones:example: >
|
|
# firewalld_zones:
|
|
# - name: ""
|
|
# short: ""
|
|
# description: ""
|
|
# target: ""
|
|
# interface:
|
|
# - name: ""
|
|
# source:
|
|
# - address: ""
|
|
# - mac: ""
|
|
# - ipset: ""
|
|
# service:
|
|
# - name: ""
|
|
# port:
|
|
# - { port: "", protocol: "" }
|
|
# protocol:
|
|
# - value:
|
|
# icmp-block:
|
|
# - name:
|
|
# icmp-block-inversion: true
|
|
# masquerade: true
|
|
# forward-port:
|
|
# - { port: "", protocol: "" }
|
|
# source-port:
|
|
# - { port: "", protocol: "" }
|
|
# rule:
|
|
# - source: { address: "", mac: "", ipset: ""}
|
|
# destination: { address: "", mac: "", ipset: ""}
|
|
# service: {name: ""}
|
|
# port: {port: "", protocol: ""}
|
|
# protocol: {value: ""}
|
|
# icmp-block:
|
|
# name: ""
|
|
# icmp-type:
|
|
# name: ""
|
|
# masquerade: true
|
|
# forward-port:
|
|
# port: ""
|
|
# protocol: ""
|
|
# to-port: ""
|
|
# to-addr: ""
|
|
# source-port:
|
|
# port: ""
|
|
# protocol: ""
|
|
# log:
|
|
# prefix: ""
|
|
# level: ""
|
|
# limit: ""
|
|
# audit:
|
|
# limit: ""
|
|
# accept:
|
|
# limit: ""
|
|
# reject:
|
|
# rejecttype: ""
|
|
# limit: ""
|
|
# drop:
|
|
# limit: ""
|
|
# mark:
|
|
# set:
|
|
# limit: ""
|
|
# end
|
|
firewalld_zones: []
|