How to delete the predefined mDNS rule in ufw with Ansible?


I'm setting up a CentOS 7 server with Ansible 2.6 and ufw as my firewall. Ufw comes with two predefined rules: SSH and mDNS.

While I can easily delete the SSH rule with my playbook:

- name: delete SSH rule by name
  ufw:
    rule: allow
    name: SSH
    delete: yes

For the mDNS rule, my script doesn't work:

Predefined ufw rules:

xxx.xxx.xxx.xxx 5353/udp (mDNS) ALLOW IN Anywhere

xyz::xyz 5353/udp (mDNS) ALLOW IN Anywhere (v6)

My attempts in the playbook:

- name: delete mDNS rule by name
  ufw:
    rule: allow
    name: mDNS
    delete: yes

or

- name: delete mDNS rule
  ufw:
    rule: allow
    to_ip: xxx.xxx.xxx.xxx
    to_port: 5353
    proto: udp
    delete: yes

In both cases, Ansible reports an "ok" statement, but the mDNS rule is still present.

TASK [delete mDNS rule by name] ************

ok: [host ip]

TASK [delete mDNS rule] ************

ok: [host ip]

Is there a way to do this with Ansible? I want to automate my project as much as possible.


This worked for me:

- name: Delete UFW default IPv6 mDNS rule
  ufw:
    rule: allow
    direction: in
    dest: xxxx::xx
    name: mDNS
    delete: yes

- name: Delete UFW default IPv4 mDNS rule
  ufw:
    rule: allow
    direction: in
    dest: xxx.xxx.xxx.xxx
    name: mDNS
    delete: yes

I know it's a bit late for a response, but I just finally worked it out myself.
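A complete playbook built on the approach in the answer above, added here as an example (it is not the answerer's code). It assumes the predefined rules target the standard mDNS multicast destinations, 224.0.0.251 for IPv4 and ff02::fb for IPv6 (the masked addresses in the question), and it reads back `ufw status` afterwards so the play fails loudly if either rule survived instead of silently reporting "ok".

```yaml
---
# Added example, not part of the question or the answer above.
# Assumption: the host's predefined mDNS rules use the standard
# multicast destinations below. Compare with `ufw status` on the
# host and adjust `dest` if its rules list different addresses.
- name: Remove ufw's predefined mDNS allow rules and verify removal
  hosts: all
  become: yes
  vars:
    mdns_rules:
      - { dest: 224.0.0.251, family: IPv4 }   # assumed IPv4 mDNS destination
      - { dest: "ff02::fb", family: IPv6 }    # assumed IPv6 mDNS destination
  tasks:
    # Same shape as the answer: the "mDNS" application profile plus the
    # multicast destination is what matches the predefined rule.
    - name: Delete predefined mDNS rules (IPv4 and IPv6)
      ufw:
        rule: allow
        direction: in
        dest: "{{ item.dest }}"
        name: mDNS
        delete: yes
      loop: "{{ mdns_rules }}"

    # Read back the live rule set; this never changes the host.
    - name: Read back the active ufw rule set
      command: ufw status
      register: ufw_status
      changed_when: false

    # Fail the play if any rule still references mDNS or UDP 5353,
    # so a no-op "ok" from the ufw module cannot hide a leftover rule.
    - name: Fail if an mDNS rule survived
      assert:
        that:
          - "'mDNS' not in ufw_status.stdout"
          - "'5353/udp' not in ufw_status.stdout"
        fail_msg: "mDNS rule still present: {{ ufw_status.stdout_lines }}"
```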