summaryrefslogtreecommitdiffstats
path: root/roles/os_firewall
diff options
context:
space:
mode:
authorAndrew Butcher <abutcher@redhat.com>2016-04-28 14:51:16 -0400
committerAndrew Butcher <abutcher@redhat.com>2016-04-29 15:44:40 -0400
commit00e0d272cdeacdb4bfd78a65b0d282de9ee821dc (patch)
tree45f740d72a6bf666a11b583b845550114a2bb88f /roles/os_firewall
parent72f295fc7cdef47bffbdffa35b263e120ac9ad93 (diff)
downloadopenshift-00e0d272cdeacdb4bfd78a65b0d282de9ee821dc.tar.gz
openshift-00e0d272cdeacdb4bfd78a65b0d282de9ee821dc.tar.bz2
openshift-00e0d272cdeacdb4bfd78a65b0d282de9ee821dc.tar.xz
openshift-00e0d272cdeacdb4bfd78a65b0d282de9ee821dc.zip
Cleanup various deprecation warnings.
Diffstat (limited to 'roles/os_firewall')
-rw-r--r--roles/os_firewall/defaults/main.yml2
-rw-r--r--roles/os_firewall/tasks/firewall/firewalld.yml12
-rw-r--r--roles/os_firewall/tasks/firewall/iptables.yml6
3 files changed, 8 insertions, 12 deletions
diff --git a/roles/os_firewall/defaults/main.yml b/roles/os_firewall/defaults/main.yml
index e3176e611..20413d563 100644
--- a/roles/os_firewall/defaults/main.yml
+++ b/roles/os_firewall/defaults/main.yml
@@ -1,3 +1,5 @@
---
os_firewall_enabled: True
os_firewall_use_firewalld: True
+os_firewall_allow: []
+os_firewall_deny: []
diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml
index ac4600f83..241fa8823 100644
--- a/roles/os_firewall/tasks/firewall/firewalld.yml
+++ b/roles/os_firewall/tasks/firewall/firewalld.yml
@@ -52,29 +52,25 @@
port: "{{ item.port }}"
permanent: false
state: enabled
- with_items: os_firewall_allow
- when: os_firewall_allow is defined
+ with_items: "{{ os_firewall_allow }}"
- name: Persist firewalld allow rules
firewalld:
port: "{{ item.port }}"
permanent: true
state: enabled
- with_items: os_firewall_allow
- when: os_firewall_allow is defined
+ with_items: "{{ os_firewall_allow }}"
- name: Remove firewalld allow rules
firewalld:
port: "{{ item.port }}"
permanent: false
state: disabled
- with_items: os_firewall_deny
- when: os_firewall_deny is defined
+ with_items: "{{ os_firewall_deny }}"
- name: Persist removal of firewalld allow rules
firewalld:
port: "{{ item.port }}"
permanent: true
state: disabled
- with_items: os_firewall_deny
- when: os_firewall_deny is defined
+ with_items: "{{ os_firewall_deny }}"
diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml
index 3b584f8eb..070fe6a3a 100644
--- a/roles/os_firewall/tasks/firewall/iptables.yml
+++ b/roles/os_firewall/tasks/firewall/iptables.yml
@@ -49,8 +49,7 @@
action: add
protocol: "{{ item.port.split('/')[1] }}"
port: "{{ item.port.split('/')[0] }}"
- with_items: os_firewall_allow
- when: os_firewall_allow is defined
+ with_items: "{{ os_firewall_allow }}"
- name: Remove iptables rules
os_firewall_manage_iptables:
@@ -58,5 +57,4 @@
action: remove
protocol: "{{ item.port.split('/')[1] }}"
port: "{{ item.port.split('/')[0] }}"
- with_items: os_firewall_deny
- when: os_firewall_deny is defined
+ with_items: "{{ os_firewall_deny }}"