Merge pull request #86 from ansible-lockdown/ufw_optional
Ufw optional
uk-bolly authored Jul 19, 2023
2 parents a9ab947 + cb9ea8c commit 4c02b43
Showing 2 changed files with 5 additions and 4 deletions.
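--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -493,7 +493,7 @@ ubtu20cis_ufw_allow_out_ports:
 
 ufw_add_incoming: false
 ubtu20cis_ufw_allow_in:
-- ports: 22
+- port: 22
 from: any
 proto: tcp
 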
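--- a/tasks/section_3/cis_3.5.1.x.yml
+++ b/tasks/section_3/cis_3.5.1.x.yml
@@ -164,10 +164,11 @@
 rule: allow
 direction: in
 from_ip: '{{ item.from }}'
-to_port: '{{ item.ports }}'
+to_port: '{{ item.port }}'
 proto: '{{ item.proto }}'
-loop:
-- "{{ ubtu20cis_ufw_allow_in }}"
+loop: "{{ ubtu20cis_ufw_allow_in }}"
+loop_control:
+label: "{{ item.port }}"
 notify: reload ufw
 when: ufw_add_incoming
 tags: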
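Review bot: Inventories that already override `ubtu20cis_ufw_allow_in` with the old `ports` key will now hit an undefined `item.port`, both in `to_port` and in the new `loop_control` label, and only once `ufw_add_incoming` is set to true. Either accept both spellings for a release, e.g. `to_port: '{{ item.port | default(item.ports) }}'` with the same expression in `label`, or call out the rename in the changelog. Because each entry opens an inbound firewall port, a short comment beside the default in defaults/main.yml would also help, stating that `from: any` admits every source address and should be narrowed to a management network where one exists. The task starts above this hunk and its `tags:` list continues below it.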
