Commit Graph

6 Commits (390aa7a75f9f2614e55bce4a748df54b4019b949)

Author SHA1 Message Date
Chris Lamb c0787b12ce system/ufw.py: Add security warning re. removing ufw application prof…
It's not particularly obvious that removing an application will remove it
from ufw's own state, potentially leaving ports open on your box if you
upload your configuration.

Whilst this applies to a lot of things in Ansible, firewall rules might
cross some sort of line that justifies such a warning in this instance.

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
2016-12-08 11:34:08 -05:00
Greg DeKoenigsberg c65a612d1f Changes to author formatting, remove emails 2016-12-08 11:32:51 -05:00
Nicolas Brisac bcfd5772e4 Allow filtering of routed/forwarded packets
MAN page states the following:

    Rules for traffic not destined for the  host  itself  but  instead  for
    traffic  that  should  be  routed/forwarded through the firewall should
    specify the  route  keyword  before  the  rule  (routing  rules  differ
    significantly  from  PF  syntax and instead take into account netfilter
    FORWARD chain conventions). For example:

        ufw route allow in on eth1 out on eth2

This commit introduces a new parameter "route=yes/no" to allow just that.
2016-12-08 11:32:45 -05:00
Toshio Kuratomi 4f07e8b256 Many more doc fixes 2016-12-08 11:32:40 -05:00
Chris West 4176c3b500 Enable "ufw default allow routed"
* The policy is shown in `status verbose`, so all the check mode stuff should keep working.
* `--dry-run` works as expected.
* No idea whether it's legal as an argument to `interface`
2016-12-08 11:32:19 -05:00
Michael DeHaan 5879c503bb File extensions! 2016-12-08 11:32:18 -05:00