This role will manage IPTables firewalls on CentOS 6 or 7 servers, as well as Ubuntu, using Jinja templates and group / host vars.
Examples of group_vars and host_vars are included for reference.
A message that the firewall was changed will be sent to Slack.
You must have Ansible 2.0 installed.
You need a Slack server.
You must be cool with not using firewalld.
Ideally CentOS 6 or 7.
To set firewall on a host:
ansible-playbook iptables.yml -e hosts=host --sudo -K
The role will restart fail2ban gracefully as well as manage NFS and Samba firewall rules within ipset.
All incoming and outgoing traffic on IPv6 networks will be dropped by default.
All unicast TCP and UDP packets will be logged in syslog.
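
To confirm the IPv6 default-drop behaviour described above after a run, the following check parses `ip6tables-save` output. It is an added example, not part of this role. It assumes the drop is implemented either as a `DROP` chain policy or as an unconditional `-j DROP` rule in the filter table; the function name and sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the role. Reads ip6tables-save output on stdin and
# returns 0 only if the filter table drops by default on INPUT and OUTPUT.
check_ipv6_default_drop() {
    awk '
        /^\*/ { table = substr($0, 2) }        # "*filter" opens a table section
        table != "filter" { next }
        /^:/ { policy[substr($1, 2)] = $2 }    # ":INPUT DROP [0:0]" is a chain policy
        # Assumption: an unconditional "-A CHAIN -j DROP" also counts as default drop.
        $1 == "-A" && NF == 4 && $3 == "-j" && $4 == "DROP" { catchall[$2] = 1 }
        END {
            bad = 0
            n = split("INPUT OUTPUT", want, " ")
            for (i = 1; i <= n; i++) {
                c = want[i]
                p = (c in policy) ? policy[c] : "missing"
                if (p == "DROP" || (c in catchall)) {
                    printf "%s: default drop\n", c
                } else {
                    printf "%s: NOT default drop (policy=%s)\n", c, p
                    bad = 1
                }
            }
            exit bad
        }
    '
}

# Constructed sample in ip6tables-save format (not captured from a real host).
SAMPLE_RULES='# constructed sample
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | check_ipv6_default_drop
```

On a managed host, run `ip6tables-save | check_ipv6_default_drop` as root; a non-zero exit status means at least one chain does not drop by default.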