Hello guys,
So on Rocky 9, in order to have NAT working for a typical internet gateway, a firewalld policy has to be configured, like this example:
```
firewall-cmd --permanent --new-policy policy_int_to_ext
firewall-cmd --permanent --policy policy_int_to_ext --add-ingress-zone internal
firewall-cmd --permanent --policy policy_int_to_ext --add-egress-zone external
firewall-cmd --permanent --policy policy_int_to_ext --set-priority 100
firewall-cmd --permanent --policy policy_int_to_ext --set-target ACCEPT
firewall-cmd --reload
```
I am trying to configure a firewall with the rhel-system-roles.firewall Ansible role. I can do everything except adding that policy. I’m trying like this:
```
roles:
  - rhel-system-roles.firewall
vars:
  - firewall:
      - { policy: int_to_ext,
          ingress-zone: internal,
          egress-zone: external,
          priority: 100,
          target: ACCEPT,
          state: enabled }
```
But the policy does not get installed/configured. Any ideas? Many thanks in advance for any tip on this.