Hello learning community,
I am stuck with a small ansible problem.
Does anyone have an idea how to nicely open multiple ports in a minimum of playbook tasks?
I want to open the ports below, but a loop does not seem to work with the ansible.posix.firewalld module.
I want to open all the following ports:
port 7/53 for udp and tcp
port 67-69 udp
port 80, 443, 5646, 5671, 8000, 8149, 9090 tcp
The following snippet is not working:
I can see that there is an issue with the closing " in the port line, but that is probably a copy-paste issue.
I tried with loop and this works for me:
---
- name: Test
  hosts: ansible1
  become: true
  vars:
    ports:
      - 7
      - 53
      - 80
      - 443
      - 5646
      - 5671
      - 8000
      - 8140
      - 9090
  tasks:
    - name: configure access to required tcp network ports
      ansible.posix.firewalld:
        port: "{{ item }}/tcp"
        immediate: true
        permanent: true
        state: enabled
      loop: "{{ ports }}"
Hello wbialy,
So ports as variables in the playbook is working. I should have tried this. Many thanks for your help and reply!
regards Hendrik
Also, if you want to open a range, you can add the range to the vars list like this:
ports:
  - 7
  - 53
  - 80
  - 443
  - '67-69'
I show this in my courses generally and also demo creating it as a role.
https://galaxy.ansible.com/ui/standalone/roles/tmichett/manage_firewall/
https://github.com/tmichett/manage_firewall
You can provide a list of ports/protocols. Some of the examples above would result in a TCP protocol only. Again, those are examples above you could easily modify.
---
- name: Manage Firewall
  hosts: serverc
  vars:
    fw:
      - fw_port: 8080
        fw_proto: tcp
      - fw_port: 9090
        fw_proto: tcp
    fw_svc:
      - fw_svc_name: http
      - fw_svc_name: https
  roles:
    - tmichett.manage_firewall
One other way, using items from either the role task example here or the examples above: you could modify the list of ports to have the protocol also attached.
vars:
  fw_ports_prots:
    - 8080/tcp
    - 9090/tcp
    - 67/udp
- name: configure access to required tcp network ports
  ansible.posix.firewalld:
    port: "{{ item }}"
    immediate: true
    permanent: true
    state: enabled
  loop: "{{ fw_ports_prots }}"
This is great. Many thanks Travis for this prompt solution, very much appreciated. Btw, very impressive list of certifications!
regards Hendrik
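Added example, not written by any poster in this thread: one playbook that builds the full port/protocol list from the original question, opens it in a single looped task, and then reads the permanent configuration back so that an unintended or missing rule is caught. The variable names (`both_proto_ports`, `udp_ports`, `tcp_ports`, `fw_ports`) are hypothetical, and the default firewalld zone is assumed.

```yaml
---
- name: Open the requested ports in one task and verify the result
  hosts: ansible1            # host name taken from the playbook in the thread
  become: true
  vars:
    both_proto_ports: [7, 53]          # opened for tcp and udp
    udp_ports: ['67-69']               # ranges are passed as strings
    # 8149 is kept as written in the question; the reply's playbook uses 8140
    tcp_ports: [80, 443, 5646, 5671, 8000, 8149, 9090]
    # Build "port/proto" strings, e.g. 7/tcp, 7/udp, 67-69/udp, 80/tcp ...
    fw_ports: >-
      {{ (both_proto_ports | product(['tcp', 'udp']) | map('join', '/') | list)
         + (udp_ports | product(['udp']) | map('join', '/') | list)
         + (tcp_ports | product(['tcp']) | map('join', '/') | list) }}
  tasks:
    - name: Open each port/protocol pair (runtime and permanent)
      ansible.posix.firewalld:
        port: "{{ item }}"
        permanent: true
        immediate: true
        state: enabled
      loop: "{{ fw_ports }}"

    - name: Read back the permanent port list of the default zone
      ansible.builtin.command: firewall-cmd --permanent --list-ports
      register: fw_listed
      changed_when: false

    - name: Fail if a requested port is not in the permanent configuration
      ansible.builtin.assert:
        that: "fw_ports | difference(fw_listed.stdout.split()) | length == 0"
        fail_msg: "Not open: {{ fw_ports | difference(fw_listed.stdout.split()) }}"

    - name: Report ports that are open but were not requested here
      ansible.builtin.debug:
        msg: "Extra: {{ fw_listed.stdout.split() | difference(fw_ports) }}"
```

The read-back compares exact strings, so it assumes firewalld lists each entry in the same form in which it was added.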
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.