ansible配置iptables防火墙配置

iptables防火墙配置

# 方法一: 相当于命令iptables -A 4A -s 10.159.17.177/32 -j ACCEPT

---

- name:

  hosts: 10.154.145.139

  tasks:

  - name:

    iptables:

      chain: 4A

      source: 10.159.17.177

      jump:  ACCEPT

    become: yes

 

  - name:

    shell: iptables-save > /etc/sysconfig/iptables.rules

 

 

 

# 方法二:相当于命令 iptables -A 4A -s 10.159.17.177/32 -p tcp -m tcp --dport 22 -j ACCEPT

---

- name: 防火墙配置

  hosts: 10.154.145.139

  tasks:

  - name:

    iptables:

      chain: 4A

      source: 10.159.17.177

      protocol: tcp

      destination_port: 22

      jump:  ACCEPT

    become: yes

 

  - name:

    shell: iptables-save > /etc/sysconfig/iptables.rules