With the transition to the ufw state instead of ufw_simple, we got several important goodies:

  • time of firewall state application
  • hard reset of manually added rules
  • no need to delete old rules

However, one drawback appeared: if the pillars contain an error, the firewall may be left in an incomplete state after the state is applied.

A way was found within the state to check for errors in the pillars; now the state is executed only if there are no errors.

