puzzle.opnsense.firewall_rules module – This module is used to manage OPNsense firewall rules
Note
This module is part of the puzzle.opnsense collection (version 1.1.1).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install puzzle.opnsense.
To use it in a playbook, specify: puzzle.opnsense.firewall_rules.
New in puzzle.opnsense 1.0.0
Synopsis
This module is used to manage OPNsense firewall rules.
Parameters
Parameter | Comments |
---|---|
Choose what to do with packets that match the criteria specified below. Choices:
|
|
You may enter or select a category here to group firewall rules |
|
Description for the rule. |
|
Specifies the source configuration. |
|
The IP address of the source. Default: |
|
Inverts the match logic. Choices:
|
|
The network of the source. Default: |
|
The port of the source. Default: |
|
Choices:
|
|
Set this option to disable this rule without removing it from the list. Choices:
|
|
Choose on which interface packets must come in to match this rule. |
|
IP version. Choices:
|
|
Choices:
|
|
Choose which IP protocol this rule should match. Choices:
|
|
Choices:
|
|
Specifies the source configuration. |
|
The IP address of the source. Default: |
|
Inverts the match logic. Choices:
|
|
The network of the source. Default: |
|
The port of the source. Default: |
|
Whether the rule should be added or removed. Choices:
|
Examples
- name: Block SSH in LAN Network
  puzzle.opnsense.firewall_rules:
    interface: lan
    source:
    destination:
      port: 22
    action: block

- name: Allow all access from RFC1918 networks to this host
  puzzle.opnsense.firewall_rules:
    interface: lan
    action: pass
    source:
      ip: 192.168.0.0/16
    destination:
Return Values
Common return values are documented here; the following are the fields unique to this module:
Key | Description |
---|---|
A list of the executed OPNsense configure functions along with their respective stdout, stderr and rc. Returned: always. Sample: |