Documentation

v2.18
latest v2.19 v2.18 v2.17 v2.16 v2.15 v2.14 v2.12 v2.11 v2.10 v2.9 v2.8 v2.7 v2.6 v2.5 v2.4 v2.3 v2.2 v2.1 v2.0 v1.10 v1.9 v1.8 v1.7 v1.6 v1.5 v1.4 v1.3 v1.2 v1.1 v1.0
    Edit on GitHub

    PLEASE NOTE: This document applies to v2.18 version and not to the latest stable release v2.19

    Documentation for other releases can be found by using the version selector in the top right of any doc page.

    firewalld

    Manage firewall rules using firewalld.

    Attributes

    check_mode:
  support: full

    Parameters

    Parameter Required Type Values Description
    immediate   boolean   Apply the change immediately without requiring a reload. [default: false]
    permanent   boolean   Make the change permanent (survive reboots). [default: false]
    port   string   Port to allow or block (e.g., 8080/tcp, 53/udp).
    service   string   Service to allow or block (e.g., http, https, ssh).
    state true string enabled
    disabled    		 Whether the rule should be enabled or disabled.
    zone   string   Firewall zone to operate on. [default: default from system]

    Examples

    - name: Allow HTTP traffic
  firewalld:
    service: http
    zone: public
    state: enabled
    permanent: true
    immediate: true

- name: Allow port 8080/tcp
  firewalld:
    port: 8080/tcp
    zone: public
    state: enabled
    permanent: true

- name: Block HTTPS traffic
  firewalld:
    service: https
    zone: public
    state: disabled
    permanent: true
    immediate: true

- name: Allow port range
  firewalld:
    port: 8000-8005/tcp
    zone: public
    state: enabled
    permanent: true