firewalld module should support creation of port forwards

[seafoodbuffet]

ISSUE TYPE

• Feature Idea

COMPONENT NAME

firewalld module

ANSIBLE VERSION

ansible 2.3.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

SUMMARY

The firewalld module doesn't seem to allow creation of port forwards (--add-forward-port). This would be a useful capability to add to the module.

[ansibot]

cc @maxamillion
click here for bot help

[geoffreywiseman]

And if it is supported already, better documentation -- since I also am inclined to believe the firewalld module doesn't support this.

[mikehardenize]

Although I agree that the module needs updating to support this functionality explictly and/or include documentation, I thought it was worth me posting my solution to the problem in case others have the same issue:

- name: Redirect port 443 to 8443
  firewalld:
    rich_rule: rule family={{ item }} forward-port port=443 protocol=tcp to-port=8443
    zone:      public
    permanent: true
    immediate: true
    state:     enabled
  with_items:
    - ipv4
    - ipv6

[maxamillion]

@mikehardenize thanks for sharing, I'll update the examples in the firewalld module to include this.

I would like to add the port forward directive, but it's just a matter of finding the free time. I've recently pushed in a large refactor of the module up (#37603) and once that is merged, I'll add the port forward.

[maxamillion]

#39534