diff options
author | Scott Dodson <sdodson@redhat.com> | 2017-08-11 12:03:58 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-11 12:03:58 -0400 |
commit | 3409e6db205b6b24914e16c62972de50071f4051 (patch) | |
tree | dbfacaf9d6640241ee5dd7a2446d330a4e12283e /roles/os_firewall/tasks/firewall | |
parent | 57d7984bc7d7f64184c0defd3cc305cb3ef2708f (diff) | |
parent | 7d50ffe98dfa17e3fb72627699c794843ed5295d (diff) | |
download | openshift-3409e6db205b6b24914e16c62972de50071f4051.tar.gz openshift-3409e6db205b6b24914e16c62972de50071f4051.tar.bz2 openshift-3409e6db205b6b24914e16c62972de50071f4051.tar.xz openshift-3409e6db205b6b24914e16c62972de50071f4051.zip |
Merge pull request #4797 from kwoodson/os_firewall_refactor
Refactor the firewall workflow.
Diffstat (limited to 'roles/os_firewall/tasks/firewall')
-rw-r--r-- | roles/os_firewall/tasks/firewall/firewalld.yml | 16 | ||||
-rw-r--r-- | roles/os_firewall/tasks/firewall/iptables.yml | 16 |
2 files changed, 0 insertions, 32 deletions
diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index 509655b0c..2cc7af478 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -49,19 +49,3 @@ until: pkaction.rc == 0 retries: 6 delay: 10 - -- name: Add firewalld allow rules - firewalld: - port: "{{ item.port }}" - permanent: true - immediate: true - state: enabled - with_items: "{{ os_firewall_allow }}" - -- name: Remove firewalld allow rules - firewalld: - port: "{{ item.port }}" - permanent: true - immediate: true - state: disabled - with_items: "{{ os_firewall_deny }}" diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml index 55f2fc471..ccb3c4713 100644 --- a/roles/os_firewall/tasks/firewall/iptables.yml +++ b/roles/os_firewall/tasks/firewall/iptables.yml @@ -33,19 +33,3 @@ - name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail pause: seconds=10 when: result | changed - -- name: Add iptables allow rules - os_firewall_manage_iptables: - name: "{{ item.service }}" - action: add - protocol: "{{ item.port.split('/')[1] }}" - port: "{{ item.port.split('/')[0] }}" - with_items: "{{ os_firewall_allow }}" - -- name: Remove iptables rules - os_firewall_manage_iptables: - name: "{{ item.service }}" - action: remove - protocol: "{{ item.port.split('/')[1] }}" - port: "{{ item.port.split('/')[0] }}" - with_items: "{{ os_firewall_deny }}" |