community.windows.win_firewall_rule – Windows firewall automation
community.windows.win_firewall_rule – Windows firewall automation
Note
This plugin is part of the community.windows collection (version 1.2.0).
To install it use: ansible-galaxy collection install community.windows
.
To use it in a playbook, specify: community.windows.win_firewall_rule
.
Synopsis
- Allows you to create/remove/update firewall rules.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
action string |
|
What to do with the items this rule is for. Defaults to |
description string |
Description for the firewall rule. | |
direction string |
|
Whether this rule is for inbound or outbound traffic. Defaults to |
enabled boolean |
|
Whether this firewall rule is enabled or disabled. Defaults to
|
group string |
The group name for the rule. If name is not specified then the module will set the firewall options for all the rules in this group. | |
icmp_type_code list / elements=string |
The ICMP types and codes for the rule. This is only valid when protocol is Each entry follows the format Set the value to just See https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml for a list of ICMP types and the codes that apply to them. | |
localip string |
The local ip address this rule applies to. Set to Defaults to | |
localport string |
The local port this rule applies to. Set to Defaults to Must have protocol set | |
name string |
The rule's display name. This is required unless group is specified. | |
profiles list / elements=string |
The profile this rule applies to. Defaults to
| |
program string |
The program this rule applies to. Set to Defaults to | |
protocol string |
The protocol this rule applies to. Set to Defaults to | |
remoteip string |
The remote ip address/range this rule applies to. Set to Defaults to | |
remoteport string |
The remote port this rule applies to. Set to Defaults to Must have protocol set | |
service string |
The service this rule applies to. Set to Defaults to | |
state string |
|
Should this rule be added or removed. |
Notes
Note
- Multiple firewall rules can share the same name, if there are multiple matches then the module will set the user defined options for each matching rule.
See Also
See also
- community.windows.win_firewall
- The official documentation on the community.windows.win_firewall module.
Examples
- name: Firewall rule to allow SMTP on TCP port 25
community.windows.win_firewall_rule:
name: SMTP
localport: 25
action: allow
direction: in
protocol: tcp
state: present
enabled: yes
- name: Firewall rule to allow RDP on TCP port 3389
community.windows.win_firewall_rule:
name: Remote Desktop
localport: 3389
action: allow
direction: in
protocol: tcp
profiles: private
state: present
enabled: yes
- name: Firewall rule to be created for application group
community.windows.win_firewall_rule:
name: SMTP
group: application
localport: 25
action: allow
direction: in
protocol: tcp
state: present
enabled: yes
- name: Enable all the Firewall rules in application group
win_firewall_rule:
group: application
enabled: yes
- name: Firewall rule to allow port range
community.windows.win_firewall_rule:
name: Sample port range
localport: 5000-5010
action: allow
direction: in
protocol: tcp
state: present
enabled: yes
- name: Firewall rule to allow ICMP v4 echo (ping)
community.windows.win_firewall_rule:
name: ICMP Allow incoming V4 echo request
enabled: yes
state: present
profiles: private
action: allow
direction: in
protocol: icmpv4
icmp_type_code:
- '8:*'
- name: Firewall rule to alloc ICMP v4 on all type codes
community.windows.win_firewall_rule:
name: ICMP Allow incoming V4 echo request
enabled: yes
state: present
profiles: private
action: allow
direction: in
protocol: icmpv4
icmp_type_code: '*'
Authors
- Artem Zinenko (@ar7z1)
- Timothy Vandenbrande (@TimothyVandenbrande)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/windows/win_firewall_rule_module.html