ansible playbook error using firewalld to set policy

[Deepak B K]

Hi Group, 

I am trying to write an ansible playbook to block all incoming traffic on the external interfaces .  I am getting the error message "parameters are mutually exclusive:". 

I appreciate a quick help I am missing any mandatory parameters?

@title Enable firewall services.
# @comment This tasks enables firewalld services for vms
- name: Enable firewalld service
  ansible.builtin.service:
    service: firewalld
    state: started

# @title Restrict external interfaces
# @comment This tasks blocks internal traffic from external interfaces.
- name: "Restrict external interfaces"
  ansible.posix.firewalld:
     interface: "{{ item }}"
     permanent: true
     state: present
     target: 'DROP'
     zone: external
   with_items:
     - "eth2"
     - "eth3"

************************************************************************************

failed: [dev-vm3x] (item=eth2) => {"ansible_loop_var": "item", "changed": false, "item": "eth2", "msg": "parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|masquerade|source|target"}
failed: [dev-vm3x] (item=eth3) => {"ansible_loop_var": "item", "changed": false, "item": "eth3", "msg": "parameters are mutually 

*************************************************************************************

Thanks and Regards,

Deepak Kumar

[Michael DiDomenico]

i'm not an expert, but i think it's the combination of interface and
target that's tripping you up. believe you have to splt the interface
assignment and the zone assignment into two seperate tasks

> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f3f49ef6-9a92-40b3-a2e1-3c6dfbb038aen%40googlegroups.com.