I tried changing this task to not use a loop and instead just made it a 
standard task definition, as below:

- name: apply ssh rule
  ufw:
    port: 22
    proto: 'tcp'
    src: '192.168.0.0/24'
    rule: allow
    direction: in
    log: 'yes'
    interface: eth0
    state: enabled

I tried it with and without the interface parameter but I still get the 
same error, "Invalid interface clause". The only interface in this machine 
is eth0 so the interface name is correct.

Does anyone have a solution for this?

Guy

On Monday, July 4, 2016 at 5:19:54 PM UTC-7, Guy Knights wrote:
>
> I have some tasks that use the ufw module to add firewall rules, which up 
> until now have been working fine. Today, however, I added the 'log' 
> parameter to the ufw task and I got the following error: "ERROR: Invalid 
> interface clause".
>
> My task definition is below:
>
> - name: apply rules using 'firewall' variable defined in inventory vars
>   ufw:
>     port: "{{ item.0.port|default(omit) }}"
>     proto: "{{ item.0.proto|default(omit) }}"
>     src: "{{ item.1 }}"
>     rule: "{{ item.0.rule }}"
>     direction: "{{ item.0.direction|default(omit) }}"
>     log: "{{ item.0.log|default('no') }}"
>     state: enabled
>   with_subelements:
>     - "{{ firewall.rules }}"
>     - src
>
> The troublesome firewall variable that's failing for the task above is:
>
> firewall:
>   rules:
>     ssh:
>       port: 22
>       proto: tcp
>       src: "{{ ips.ssh }}"
>       rule: allow
>       direction: in
>       log: 'yes'
>
> If I remove log: "{{ item.0.log|default('no') }}" from the ufw task it 
> works fine.
>
> Thanks,
> Guy
>
>
