This repository has been archived by the owner on Jan 6, 2023. It is now read-only.
pfsense_nat_port_forward
Frederic Bor edited this page Aug 9, 2020 · 3 revisions
> PFSENSE_NAT_PORT_FORWARD (/home/fbor/ansible/lib/ansible/modules/network/pfsense/pfsense_nat_port_forward.py)
Manage pfSense Port Forward NAT Entries
* This module is maintained by The Ansible Community
OPTIONS (= is mandatory):
- after
Rule to go after, or "top"
[Default: (null)]
type: str
- associated_rule
Choose one of: associated (add an associated filter rule, which gets updated when the port forward is updated), unassociated (add an unassociated filter rule), or pass (pass all traffic that matches the
entry without having a firewall rule at all).
(Choices: associated, unassociated, pass, none)[Default: associated]
type: str
- before
Rule to go before, or "bottom"
[Default: (null)]
type: str
= descr
The name of the NAT rule
[Default: None]
type: str
- destination
The destination address, in [!]{IP,HOST,ALIAS,any,IP:INTERFACE,NET:INTERFACE}[:port] format.
[Default: None]
type: str
- disabled
Whether the rule is disabled
[Default: False]
type: bool
- interface
The interface for the rule
[Default: (null)]
type: str
- natreflection
Allows NAT reflection to be enabled or disabled on a per-port forward basis.
(Choices: system-default, enable, purenat, disable)[Default: system-default]
type: str
- nordr
Disable redirection for traffic matching this rule
[Default: False]
type: bool
- nosync
Prevents the rule on Master from automatically syncing to other CARP members. This does NOT prevent the rule from being overwritten on Slave.
[Default: False]
type: bool
- protocol
Which protocol this rule should match.
(Choices: tcp, udp, tcp/udp, icmp, esp, ah, gre, ipv6, igmp, pim, ospf)[Default: tcp]
type: str
- source
The source address, in [!]{IP,HOST,ALIAS,any,IP:INTERFACE,NET:INTERFACE}[:port] format.
[Default: None]
type: str
- state
State in which to leave the rule
(Choices: present, absent)[Default: present]
type: str
- target
The address to translate to, in {ALIAS,IP}[:port] format.
[Default: None]
type: str
AUTHOR: Frederic Bor (@f-bor)
METADATA:
status:
- preview
supported_by: community
EXAMPLES:
- name: "Add NAT port forward traffic rule"
  pfsense_nat_port_forward:
    descr: 'ssh'
    interface: wan
    source: any
    destination: any:22
    target: 1.2.3.4:22
    associated_rule: pass
    state: present
- name: "Delete NAT port forward traffic rule"
  pfsense_nat_port_forward:
    descr: 'ssh'
    state: absent
RETURN VALUES:
commands:
    description: the set of commands that would be pushed to the remote device (if pfSense had a CLI)
    returned: always
    type: list
    sample: [
        "create nat_port_forward 'ssh', interface='wan', source='any', destination='any:22', target='1.2.3.4:22', associated_rule='pass'",
        "delete nat_port_forward 'ssh'"
    ]
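The following is an added example, not part of the module or its original documentation: a small pre-deployment check that reviews pfsense_nat_port_forward task arguments for broad exposure, using the option defaults listed under OPTIONS. The function names, the finding texts, the 'admin_hosts' alias and the reading of 'IP:' and 'NET:' as literal interface prefixes are assumptions made for illustration.

```python
# Added example: audits pfsense_nat_port_forward task arguments (not module code).
# Defaults below are the ones listed under OPTIONS on this page.
DEFAULTS = {"associated_rule": "associated", "state": "present",
            "disabled": False, "nordr": False}


def split_addr(spec):
    """Split '[!]ADDR[:port]' into (negated, address, port or None).

    Assumptions: 'IP:' and 'NET:' are literal prefixes naming an interface
    (e.g. 'NET:lan'), and addresses are IPv4, host names or aliases.
    """
    negated = spec.startswith("!")
    body = spec[1:] if negated else spec
    prefix = next((p for p in ("IP:", "NET:") if body.startswith(p)), "")
    addr, sep, port = body[len(prefix):].partition(":")
    return negated, prefix + addr, (port if sep else None)


def audit(args):
    """Return findings for one task's arguments; an empty list means no finding."""
    a = {**DEFAULTS, **args}
    if a["state"] != "present" or a["disabled"] or a["nordr"]:
        return []  # rule is removed, disabled, or does not redirect
    findings = []
    negated, src, _ = split_addr(a.get("source") or "")
    if src == "any" and not negated:
        findings.append("source is 'any': the forward matches traffic from every address")
    if a["associated_rule"] == "pass":
        findings.append("associated_rule is 'pass': matching traffic is passed "
                        "without a firewall rule")
    return findings


# Constructed sample tasks; the first is the EXAMPLES entry from this page.
TASKS = [
    {"descr": "ssh", "interface": "wan", "source": "any",
     "destination": "any:22", "target": "1.2.3.4:22", "associated_rule": "pass"},
    {"descr": "ssh-admin", "interface": "wan", "source": "admin_hosts",
     "destination": "any:22", "target": "1.2.3.4:22"},
    {"descr": "ssh", "state": "absent"},
]

if __name__ == "__main__":
    for task in TASKS:
        for finding in audit(task):
            print(f"{task['descr']}: {finding}")
```

The first task, taken from EXAMPLES, yields both findings; the alias-restricted variant with the default associated filter rule and the delete task yield none.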