playbooks/redhat/roles/firewall/tasks/main.yml

   1 - name: Install fail2ban and iptables-services
   2   become: true
   3   dnf:
   4     name: ['fail2ban', 'iptables-services']
   5     state: latest
   6     update_cache: yes
   7   notify: Restart firewall
   8
   9 - name: Disable firewalld
  10   become: true
  11   service:
  12     name: firewalld.service
  13     state: stopped
  14     enabled: no
  15
  16 - name: Enable fail2ban
  17   become: true
  18   service:
  19     name: fail2ban
  20     state: started
  21     enabled: yes
  22
  23 - name: Enable iptables-service
  24   become: true
  25   service:
  26     name: iptables
  27     state: started
  28     enabled: yes
  29
  30 - name: Configure firewall
  31   become: true
  32   copy:
  33     src: etc
  34     dest: /
  35     owner: root
  36     group: root
  37     directory_mode: '0750'
  38     mode: '0750'
  39     force: no
  40   notify: Restart firewall
  41
  42 - name: Fix permissions for /etc/network/functions
  43   become: true
  44   file:
  45     path: /etc/network/functions.phd
  46     mode: '0640'
  47   notify: Restart firewall