With regards to the variable question:
with_items:
- { ip: "10.0.0.0/8", port: "any" }
- { ip: "172.16.0.0/12", port: "any" }
- { ip: "192.168.0.0/16", port: "any" }
- { ip: "{{ bellevue_office_ip }}", port: "any" }
Can you include the full output from the part about the protocol error?
On Wed, Jul 30, 2014 at 6:48 PM, Lars Sommer <[email protected]>
wrote:
> Having a hell of a time getting UFW to play nicely. Here's what I've got:
>
> Each role (in this case the role is "common", part of our baseline role)
> has a ufw.yml task file that gets imported to main.yml:
>
> ---
> - name: Configure UFW for baseline access
> ufw:
> rule=allow
> from_ip={{ item.ip }}
> to_port={{ item.port }}
> state=enabled
> with_items:
> - { ip: "10.0.0.0/8", port: "any" }
> - { ip: "172.16.0.0/12", port: "any" }
> - { ip: "192.168.0.0/16", port: "any" }
> - { ip: bellevue_office_ip, port: "any" }
> sudo: yes
>
> Now there's two problems-
> For the with_items entries that have a non-variable value for ip, those
> lines return "Error: Could not find protocol"
> For the line that uses the bellevue_office_ip variable, that line returns:
> "Error: Bad source address"
>
> My confusion is that the protocol parameter shouldn't be mandatory
> according to the UFW docs page: http://docs.ansible.com/ufw_module.html
> and that I should be able to use variables in this manner according to the
> Loops page: http://docs.ansible.com/playbooks_loops.html
>
> What am I missing? I can probably get away from trying to use variables in
> the with_items loop but boy I'd sure love to use it. The protocol thing
> though I have no idea, I don't know why that'd be choking me up.
>
> Thanks for any help,
> Lars
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/0e2962f5-9497-4c89-af81-2d3f49baf06b%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/0e2962f5-9497-4c89-af81-2d3f49baf06b%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwOYAyZ2ZY2dusEsrsGdfga%3D6FxW5pkyd%3DNpOFuUCEAbw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
