class firewalld::service

Define: firewalld::service

This defines a service configuration. You usually don't need it; you can simply add ports to a zone (firewalld::zone). The result is a /etc/firewalld/services/${name}.xml file, where ${name} is the name of the class. See also the firewalld.service(5) man page.

Parameters

short

short readable name

description

long description of service

ports

list of ports to open

ports => [{
        port     => mandatory, string, e.g. '1234'
        protocol => mandatory, string, e.g. 'tcp' },...]

modules

list of kernel netfilter helpers to load

destination

Specifies the destination network as a network IP address (optionally with /mask), or a plain IP address.

destination  => {
        ipv4 => string, mandatory to specify ipv4 and/or ipv6
        ipv6 => string, mandatory to specify ipv4 and/or ipv6 }

Examples

firewalld::service { 'dummy':
  description => 'My dummy service',
  ports       => [{ port => '1234', protocol => 'tcp' }],
  modules     => ['some_module_to_load'],
  destination => { ipv4 => '224.0.0.251', ipv6 => 'ff02::fb' },
}
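
To check what ends up in /etc/firewalld/services/${name}.xml after a Puppet run, the following added example (not part of this module) parses a service file and lists the ports, helpers and destination it opens. The sample XML is constructed from the firewalld.service(5) element layout, and the port and protocol rules are this example's assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample following the firewalld.service(5) layout for the 'dummy'
# example; assumed, not output captured from the module.
SAMPLE_XML = """<service>
  <short>dummy</short>
  <description>My dummy service</description>
  <port port="1234" protocol="tcp"/>
  <module name="some_module_to_load"/>
  <destination ipv4="224.0.0.251" ipv6="ff02::fb"/>
</service>"""

PROTOCOLS = {"tcp", "udp", "sctp", "dccp"}  # assumed set of accepted protocols


def port_ok(spec):
    """Accept a single port or a 'low-high' range within 0..65535."""
    parts = spec.split("-")
    if len(parts) > 2 or not all(p.isascii() and p.isdigit() for p in parts):
        return False
    nums = [int(p) for p in parts]
    return all(0 <= n <= 65535 for n in nums) and nums == sorted(nums)


def audit_service(xml_text):
    """Return (summary, problems) for one service definition."""
    root = ET.fromstring(xml_text)
    problems = []
    ports = [(p.get("port", ""), p.get("protocol", "")) for p in root.findall("port")]
    for port, proto in ports:
        if not port_ok(port):
            problems.append(f"invalid port {port!r}")
        if proto not in PROTOCOLS:
            problems.append(f"port {port!r}: unknown protocol {proto!r}")
    dest = {}
    node = root.find("destination")
    if node is not None:
        dest = {k: v for k, v in node.attrib.items() if k in ("ipv4", "ipv6")}
        if not dest:
            problems.append("destination needs ipv4 and/or ipv6")
        for family, value in dest.items():
            try:  # the address must parse and match the family it is filed under
                ok = ipaddress.ip_network(value, strict=False).version == int(family[-1])
            except ValueError:
                ok = False
            if not ok:
                problems.append(f"destination {family}={value!r} is not a valid address")
    modules = [m.get("name") for m in root.findall("module")]
    return {"ports": ports, "modules": modules, "destination": dest}, problems
```

Running audit_service over each file in /etc/firewalld/services/ and reviewing the returned ports and modules shows what each Puppet-managed service actually exposes.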