firewalld:
  enable: false
  firewalld_services:
    - name: ssh
      short: "SSHooph again"
      description: "SSH service"
      port:
        - port: 22
          protocol: tcp
      zone: public
      xcat_groups:
        - compute
        - all
        - slurm
        - ansible
        - test
        - test
      xcat_networks:
        - cluster
        - infiniband
        - test
        - test1
    - name: named
      short: "named"
      description: "DNS Service"
      port:
        - port: 53
          protocol: tcp
        - port: 953
          protocol: tcp
  firewalld_ipsets:
    fail2ban-ssh-ipv6:
      short: fail2ban-ssh-ipv6
      description: fail2ban-ssh-ipv6 ipset
      type: 'hash:ip'
      options:
        family:
          - inet6
        maxelem:
          - 65536
        timeout:
          - 300
        hashsize:
          - 1024
      targets:
        - 2a01::1