Port forward with Ansible and firewalld

DaneeL

I am experimenting with Ansible and want to set a port forward rule in firewalld.

I've tried the following:

  - name: Port forward for 443
    become: true
    ansible.posix.firewalld:
      port_forward:
        - port: 443
          proto: tcp
          toport: 2443
      state: enabled

This resulted in:

ERROR: Exception caught: queryForwardPort() got an unexpected keyword argument 'to_port'

If I format it as a list it says

Only one port forward supported at a time

and if I format it as a dict I get:

argument port_forward is of type <class 'dict'> and we were unable to convert to list: <class 'dict'> cannot be converted to a list

I'm using a Debian 11 VM with Ansible 2.10.8. I've installed the latest ansible.posix (1.3.0) as the included version was older (1.1.1). I can manually create the rule on the target machine (OEL 8).

This is as far as I got using the documentation.

Any idea how to get this working?
Thank you in advance!

U880D

At a short glance there seem to be syntax errors. The first error message says

ERROR: Exception caught: queryForwardPort() got an unexpected keyword argument 'to_port'

to_port, whereas it should be toport according to the linked documentation of the firewalld module. Since you are on the ansible.posix collection v1.3.0 and there is a bug report open, Ansible Collections Ansible Posix Issue #247, where downgrading to v1.2.0 fixes the issue, another approach might be, according to Ansible Issue #28349, using the parameter rich_rule. That would work for v1.1.1 too.

- name: Redirect port 443 to 8443
  firewalld:
    rich_rule: rule family={{ item }} forward-port port=443 protocol=tcp to-port=8443
    zone:      public
    permanent: true
    immediate: true
    state:     enabled
  with_items:
    - ipv4
    - ipv6

To get the older version you could use

ansible-galaxy collection install ansible.posix:1.2.0

The syntax error is in the file ansible.posix/plugins/modules/firewalld.py and seems to be simple enough that one can fix it locally oneself in the meantime.
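As an added worked example (my own, not code from the question or from U880D's answer): a small playbook that applies the rich_rule approach for both address families and then checks that the forward is actually present in the running firewalld configuration. The zone "public", the target port 8443 and the variable names are assumptions; adjust them to your host.

```yaml
# Added example, not part of the original thread. Zone, ports and variable
# names are assumptions.
- name: Forward 443 to 8443 with firewalld rich rules
  hosts: all
  become: true
  vars:
    fw_zone: public
    fw_port: 443
    fw_toport: 8443
    fw_families:
      - ipv4
      - ipv6
  tasks:
    - name: "Add forward-port rich rule ({{ item }})"
      ansible.posix.firewalld:
        rich_rule: "rule family={{ item }} forward-port port={{ fw_port }} protocol=tcp to-port={{ fw_toport }}"
        zone: "{{ fw_zone }}"
        permanent: true
        immediate: true
        state: enabled
      loop: "{{ fw_families }}"

    # Verify against the live ruleset. firewall-cmd prints "yes" or "no" and
    # exits non-zero for "no", so the task must not fail on its own; the
    # assert below turns a missing rule into a play failure.
    - name: Query the rich rule in the runtime configuration
      ansible.builtin.command:
        argv:
          - firewall-cmd
          - "--zone={{ fw_zone }}"
          - "--query-rich-rule=rule family={{ item }} forward-port port={{ fw_port }} protocol=tcp to-port={{ fw_toport }}"
      loop: "{{ fw_families }}"
      register: fw_query
      changed_when: false
      failed_when: false

    - name: Fail the play if any forward rule is missing
      ansible.builtin.assert:
        that: "item.stdout == 'yes'"
        fail_msg: "forward-port rule for {{ item.item }} is not active in zone {{ fw_zone }}"
      loop: "{{ fw_query.results }}"
```

Run it with `ansible-playbook -i inventory forward.yml`. Note that `firewall-cmd --query-forward-port=...` only looks at the zone's plain forward-port list, so a rule added as a rich rule would answer "no" there; that is why the check queries the rich rule itself. Forwarding to a local port, as here, needs no masquerading; forwarding to another address (to-addr) would, which is worth keeping in mind before widening the rule.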
