Use Ansible to remove firewalld rich rule

Question

I'm trying to remove a firewalld rich rule by adding the absent state however I'm getting the error "absent and present state can only be used in zone level operations".

I've specified the public zone in the task so I'm not sure how absent should be used in this case.

  - name: Remove a firewall rule.
    firewalld:
      permanent: yes
      zone: public
      state: absent
      immediate: yes
      rich_rule: rule family="ipv4" source address="0.0.0.0/0" port protocol="tcp" port="1234" accept

I tried removing both permanent: and immediate: but still get the same error. — MattB, Jun 16 '20 at 19:32

score 1 · Answer 1 · answered Jun 18 '20 at 03:04

1

Use disabled instead... enabled and disabled are for setting firewall settings and absent and present are for zone creation and removal. Though it's possible this needs changing.

answered Jun 18 '20 at 03:04

Adam Miller

872
4
6

Use Ansible to remove firewalld rich rule

1 Answers1