debug

khaledk2 · Jan 4, 2025 · 9198d35 · 9198d35
1 parent 6c8042b
commit 9198d35
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/ansible/idr-firewall.yml b/ansible/idr-firewall.yml
@@ -25,15 +25,17 @@
         state: enabled
         permanent: true
         rich_rule:
-          #- "rule family='ipv4' forward accept"
-          - 'rule family="ipv4" destination address="0.0.0.0/0" accept'
+          - "rule family='ipv4' forward accept"
+          #- 'rule family="ipv4" destination address="0.0.0.0/0" accept'
           #firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -j ACCEPT
           #- firewall-cmd --add-rich-rule='rule family="ipv4" destination address="0.0.0.0/0" accept'
           - 'rule family="ipv4" direction="out" accept'
 
     - name: Run command 1
       become: true
-      ansible.builtin.command: firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -j ACCEPT
+      ansible.builtin.command:
+        - firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -j ACCEPT
+        - firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -d 0.0.0.0/0 -j ACCEPT
 #   Docker sets up its own rules, don't overwrite
 # - hosts: >
 #     {{ idr_environment | default('idr') }}-management-hosts