I'm setting up a CentOS 7 server with Ansible 2.6 and ufw as my firewall. Ufw comes with two predefined rules: SSH and mDNS.
While I can easily delete the SSH rule with my playbook:
- name: delete SSH rule by name
  ufw:
    rule: allow
    name: SSH
    delete: yes
For the mDNS rule my script doesn't work:
predefined ufw rule:
xxx.xxx.xxx.xxx 5353/udp (mDNS) ALLOW IN Anywhere
xyz::xyz 5353/udp (mDNS) ALLOW IN Anywhere (v6)
My attempts in the playbook:
- name: delete mDNS rule by name
  ufw:
    rule: allow
    name: mDNS
    delete: yes
or
- name: delete mDNS rule
  ufw:
    rule: allow
    to_ip: xxx.xxx.xxx.xxx
    to_port: 5353
    proto: udp
    delete: yes
In both cases, Ansible reports an "ok" statement but the mDNS rule is still present.
TASK [delete mDNS rule by name] ************
ok: [host ip]
TASK [delete mDNS rule] ************
ok: [host ip]
Is there a way with Ansible? I want to automate my project as much as possible.
This worked for me:
I know it's a bit late for a response, but I just finally worked it out myself.