suggestion

[leandro2910]

Hello!!
Sorry. This is my first time on this site and my English is bad
The change below allows you to use ipv4 / ipv6 and unique hostname

ansible-ufw/tasks/config.yml

Change the line:

• name: Configuring port/protocol/network rules
  ufw:
  from_ip: "{{ item.from_ip | default(omit) }}"
  to
  from_ip: "{{ item.from_ip | default(omit) if item.from_ip is not defined or item.from_ip|ipaddr else lookup('dig', item.from_ip| default(omit), 'qtype=A') }}"

The same functionality can be added for "to_ip:"

---

it is necessary to install: pip install dnspython
https://docs.ansible.com/ansible/latest/plugins/lookup/dig.html

---

ufw_rules:
  - { port: 22, rule: allow, comment: 'Allow SSH' }
  - { port: 80, rule: allow }
  - { from_ip: '127.0.0.1/8', comment: 'Allow localhost' }
  - { from_ip: 'www.redhat.com.br', comment: 'Allow localhost' }

[franklinkim]

Hi,

I think it should be possible to add the lookup into your variables, leaving this role untouched:

ufw_rules:
  - { port: 22, rule: allow, comment: 'Allow SSH' }
  - { port: 80, rule: allow }
  - { from_ip: '127.0.0.1/8', comment: 'Allow localhost' }
  - { from_ip: lookup('dig', 'www.redhat.com.br', 'qtype=A'), comment: 'Allow localhost' }