Should ufw_outgoing_traffic also allow to specify the protocol?

[jdaln]

Hello!

For ufw_outgoing_traffic, should it allow to specify the protocol? For example, we would have:

ufw_outgoing_traffic:
  - 22/tcp
  - 53 # this means both, as is currently the case
  - 80/tcp
etc...

I can make the PR with the necessary edits to:

ansible-role-hardening/tasks/ufw.yml

Lines 130 to 137 in 9045255

	- name: Allow outgoing specified ports
	community.general.ufw:
	rule: allow
	to_port: "{{ item | int }}"
	direction: out
	comment: ansible managed
	loop: "{{ ufw_outgoing_traffic }}"

[konstruktoid]

yeah, that seems like a good addition.

something like, since 22/tcp doesn't work:

  vars:
    ufw_outgoing_traffic:
      - { port: 80, proto: 'tcp' }
      - 443
      - 53
      - 123
      - 22
      - { port: 1234, proto: 'udp' }
  tasks:
    - name: Allow outgoing specified ports
      become: true
      community.general.ufw:
        rule: allow
        to_port: "{{ item.port | default(item) }}"
        proto: "{{ item.proto | default('tcp') }}"
        direction: out
        comment: ansible managed
      loop: "{{ ufw_outgoing_traffic }}"