path: root/lib/ansible/modules/windows/win_firewall_rule.py
blob: e8e871e7d3563f0c0b35fa639f9cd640b4e7b3ca (plain)
#!/usr/bin/python
# -*- coding: utf-8 -*-

# Copyright: (c) 2014, Timothy Vandenbrande <timothy.vandenbrande@gmail.com>
# Copyright: (c) 2017, Artem Zinenko <zinenkoartem@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

# Module metadata: format version 1.1, 'preview' status, community supported.
ANSIBLE_METADATA = {
    'metadata_version': '1.1',
    'status': ['preview'],
    'supported_by': 'community',
}

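# Option reference for the module, written as a YAML document inside a raw
# string. Besides fixing the "rules name" typo and the uneven list indentation
# under `force`, this adds a `notes` section that spells out how broad the
# documented `remoteip` and `profiles` defaults are.
DOCUMENTATION = r'''
---
module: win_firewall_rule
version_added: "2.0"
short_description: Windows firewall automation
description:
  - Allows you to create/remove/update firewall rules.
options:
  enabled:
    description:
      - Is this firewall rule enabled or disabled.
    type: bool
    default: 'yes'
    aliases: [ enable ]
  state:
    description:
      - Should this rule be added or removed.
    choices: [ absent, present ]
    default: present
  name:
    description:
      - The rule's name.
    required: yes
  direction:
    description:
      - Is this rule for inbound or outbound traffic.
    required: yes
    choices: [ in, out ]
  action:
    description:
      - What to do with the items this rule is for.
    required: yes
    choices: [ allow, block, bypass ]
  description:
    description:
      - Description for the firewall rule.
  localip:
    description:
      - The local ip address this rule applies to.
    default: any
  remoteip:
    description:
      - The remote ip address/range this rule applies to.
    default: any
  localport:
    description:
      - The local port this rule applies to.
  remoteport:
    description:
      - The remote port this rule applies to.
  program:
    description:
      - The program this rule applies to.
  service:
    description:
      - The service this rule applies to.
  protocol:
    description:
      - The protocol this rule applies to.
    default: any
  profiles:
    description:
      - The profile this rule applies to.
    type: list
    default: domain,private,public
    aliases: [ profile ]
  force:
    description:
      - Replace any existing rule by removing it first.
      - This is no longer required in 2.4 as rules no longer need replacing when being modified.
      - DEPRECATED in 2.4 and will be removed in 2.9.
    type: bool
    default: 'no'
notes:
- With the defaults documented above, C(remoteip=any) and C(profiles=domain,private,public), a rule
  that sets neither option matches every remote address on all three network profiles.
- For inbound C(action=allow) rules, set C(remoteip) and C(profiles) explicitly so the opened port
  is limited to the peers and network types that need it.
seealso:
- module: win_firewall
author:
  - Artem Zinenko (@ar7z1)
  - Timothy Vandenbrande (@TimothyVandenbrande)
'''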

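# Usage examples, written as YAML tasks inside a raw string. Both tasks are
# unchanged; the added YAML comments point out which scoping options each
# example leaves at its documented default, since both open an inbound port.
EXAMPLES = r'''
- name: Firewall rule to allow SMTP on TCP port 25
  win_firewall_rule:
    name: SMTP
    localport: 25
    action: allow
    direction: in
    protocol: tcp
    # profiles and remoteip are not set, so this rule uses their defaults:
    # all three profiles (domain, private, public) and any remote address.
    state: present
    enabled: yes

- name: Firewall rule to allow RDP on TCP port 3389
  win_firewall_rule:
    name: Remote Desktop
    localport: 3389
    action: allow
    direction: in
    protocol: tcp
    profiles: private
    # remoteip is left at its default (any); set it to the hosts or range
    # that administer this machine so RDP is not reachable from every peer
    # on a private network.
    state: present
    enabled: yes
'''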