The Ansible firewalld module (ansible.posix.firewalld) is used to manage firewall rules on host machines.
It works just like the Linux firewalld daemon, allowing or blocking services and ports.
It is split into two major concepts:
• Zones: A zone is a location for which we can control which services are exposed, or a location to which a local network interface is connected.
• Services: These are typically a series of port/protocol combinations (sockets) that your host may be listening on, which can then be placed in one or more zones.
A few examples of setting up firewalld:

# permanent: yes writes the rule to the saved configuration; without
# immediate: yes the running firewall is not changed until firewalld reloads.
- name: permit traffic in default zone for https service
  ansible.posix.firewalld:
    service: https
    permanent: yes
    state: enabled

- name: do not permit traffic in default zone on port 8081/tcp
  ansible.posix.firewalld:
    port: 8081/tcp
    permanent: yes
    state: disabled
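
The examples above act on the default zone only. The playbook below is an added example, not part of the original page, that uses named zones so the same port is permitted on one zone and blocked on another. The inventory group `webservers`, the interface name `eth1`, and the choice of the predefined `internal` and `public` zones are assumptions.

```yaml
# Added example: host group, interface name and zone choices are assumptions.
- name: Expose https publicly, keep port 8081 on the internal zone only
  hosts: webservers            # assumed inventory group
  become: true
  tasks:
    - name: Ensure firewalld is running so runtime changes can be applied
      ansible.builtin.service:
        name: firewalld
        state: started
        enabled: true

    - name: Bind the management interface to the internal zone
      ansible.posix.firewalld:
        zone: internal
        interface: eth1        # assumed interface name
        permanent: true        # survive reboot and reload
        immediate: true        # also change the running firewall now
        state: enabled

    - name: Permit https in the public zone
      ansible.posix.firewalld:
        zone: public
        service: https
        permanent: true
        immediate: true
        state: enabled

    - name: Permit 8081/tcp only in the internal zone
      ansible.posix.firewalld:
        zone: internal
        port: 8081/tcp
        permanent: true
        immediate: true
        state: enabled

    - name: Make sure 8081/tcp is not permitted in the public zone
      ansible.posix.firewalld:
        zone: public
        port: 8081/tcp
        permanent: true
        immediate: true
        state: disabled
```

Running `firewall-cmd --list-all --zone=public` and `firewall-cmd --list-all --zone=internal` on the host afterwards shows which services and ports each zone exposes.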