Forum Discussion
NimbostratusAdd rule or rulelist at beginning F5 security firewall policy using ansible
EmployeeHey sels1987
Did you happen to see this post? - https://community.f5.com/t5/technical-forum/ansible-configuration-of-a-firewall-rule-list-to-be-added-on/m-p/313452
Is this what you are looking for?
NimbostratusHi Matt,
This link has partial answer.
1. How to bring rules and rulelists name of firewall security policy
ex: I have a policy "POL01" and have 3 rules - Rule01, Rule02 & Rule03, 2 rulelists - Rulelist01 & Rulelist02 and default-deny rule.
I am using tmsh list security firewall policy POL01 command to bring firewall policy details as I don't find f5_modules to get security firewall policy rules/rulelists. Unable to use the output of tmsh to convert to JSON or any object.
2. I added a new rule or rulelist. But not associate to policy. Assume, I got name of rules, rulelists of policy and execute bigip_firewall_rule module to associate and order the new rule/rulelist. Order & association happened as expected. But problem here is new rule or rulelist is not have proper configuration instead it has default deny configuration.
Workaround: Associate new rule/rulelist then for order the rules/rulelist - use "Dummy" in the rules ["New-Rulelist", "Rulelist01", "Rulelist02", "Rule01", "Rule02", "Rule03", "Default-Deny", "Dummy"] and then order again without "Dummy" ["New-Rulelist", "Rulelist01", "Rulelist02", "Rule01", "Rule02", "Rule03", "Default-Deny"].
- sels1987
Please ignore my second point as thread have answer to switch association and order to solve blank rule issue.
Please help for the first point. - How to bring rules and rulelists name of firewall security policy
