---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.


- name: Converge
  hosts: all
  roles:
    - role: "tripleo_firewall"
      tripleo_firewall_rules:
        '003 accept ftp from all':
          proto: 'tcp'
          dport: "21"
        '003 accept custom from all':
          proto: 'udp'
          dport:
            - "2121"
            - 2122
            - 2123
            - 2200-2210
          chain: OUTPUT
        '003 accept custom tcp from all':
          proto: 'tcp'
          dport:
            - 12121
            - 12122
            - 12123
            - 12200-12210
          chain: test-chain
        '004 gre networks':
          proto: 'gre'
        '005 vrrp networks':
          proto: 'vrrp'
        '006 neutron-test':
          dport: 2211
        '006 ironic-inspector':
          dport: 2212
        '124 snmp':
          dport: 2212
          source: '192.168.24.1/24'
          chain: test-chain2
        '125 snmp':
          dport: 2212
          destination: '::'
          chain: test-chain2