debian.ansible.firewall/firewall.yml

---

- name: Firewall with ufw
  hosts: all
  tasks:
    - name: Install Basic Packages
      apt:
        name: 
          - ufw
        update_cache: no
        install_recommends: no

    - name: Allow all access to tcp port 22 (ssh)
      community.general.ufw:
        rule: deny
        port: '22'
        proto: tcp

    - name: Allow all access to tcp port 33 (ssh)
      community.general.ufw:
        rule: allow
        port: '33'
        proto: tcp

    - name: Deny everything per policy and enable UFW
      community.general.ufw:
        state: enabled
        policy: deny
first commit 2022-07-10 10:50:58 +02:00			`---`

			`- name: Firewall with ufw`
			`hosts: all`
			`tasks:`
			`- name: Install Basic Packages`
			`apt:`
			`name:`
			`- ufw`
			`update_cache: no`
			`install_recommends: no`

			`- name: Allow all access to tcp port 22 (ssh)`
			`community.general.ufw:`
			`rule: deny`
			`port: '22'`
			`proto: tcp`

			`- name: Allow all access to tcp port 33 (ssh)`
			`community.general.ufw:`
			`rule: allow`
			`port: '33'`
			`proto: tcp`

			`- name: Deny everything per policy and enable UFW`
			`community.general.ufw:`
			`state: enabled`
			`policy: deny`