diff --git a/roles/ufw_firewall/vars/main.yml b/roles/ufw_firewall/vars/main.yml
index 00391dd1a9..99bf6f39ed 100644
--- a/roles/ufw_firewall/vars/main.yml
+++ b/roles/ufw_firewall/vars/main.yml
@@ -1,2 +1,8 @@
 ---
 # vars file for roles/ufw_firewall
+ufw_firewall_rules: >
+    {%- set rules = [] -%}
+    {%- for network in ufw_campus_and_vpn -%}
+    {{ rules.append({'protocol': 'tcp', 'source': network, 'port': 22, 'action': 'ACCEPT'}) }}
+    {%- endfor -%}
+    {{ rules }}