tasks/main.yml - private-cloud-ansible-playbooks/apigee-opdk-iptables-port-block - Git at Google

 ---
 # tasks file for apigee-opdk-iptables-port-block
 #- name: Using iptables to block a port
 #  become: true
 #  shell: "iptables -A INPUT -p tcp --destination-port {{ destination_port }} ! -s `hostname` -i eth0 -j DROP"
 #  environment:
 #    http_proxy: "{{ http_proxy }}"
 #    https_proxy: "{{ https_proxy }}"
 #    no_proxy: "{{ no_proxy }}"
 #    PORT_TIMEOUT: '{{ port_timeout | default(60) }}'
 #    UP_TIMEOUT: '{{ up_timeout | default(60) }}'

 - name: Using iptables to block a port
   become: true
   become_user: root
   iptables:
     chain: INPUT
     protocol: "tcp"
     destination_port: "{{ destination_port }}"
     source: "!{{ ansible_host }}"
     in_interface: 'eth0'
     jump: DROP
     table: filter
     state: present
	---
	# tasks file for apigee-opdk-iptables-port-block
	#- name: Using iptables to block a port
	# become: true
	# shell: "iptables -A INPUT -p tcp --destination-port {{ destination_port }} ! -s `hostname` -i eth0 -j DROP"
	# environment:
	# http_proxy: "{{ http_proxy }}"
	# https_proxy: "{{ https_proxy }}"
	# no_proxy: "{{ no_proxy }}"
	# PORT_TIMEOUT: '{{ port_timeout \| default(60) }}'
	# UP_TIMEOUT: '{{ up_timeout \| default(60) }}'

	- name: Using iptables to block a port
	become: true
	become_user: root
	iptables:
	chain: INPUT
	protocol: "tcp"
	destination_port: "{{ destination_port }}"
	source: "!{{ ansible_host }}"
	in_interface: 'eth0'
	jump: DROP
	table: filter
	state: present