Skip to content

Commit

Permalink
Merge pull request #60 from kris9854/devel
Browse files Browse the repository at this point in the history
Fix issue #59, General Space problem cleanup, dependencies adding + bug fix
  • Loading branch information
uk-bolly authored Sep 27, 2022
2 parents 656bf13 + 71323b7 commit 90b28a9
Show file tree
Hide file tree
Showing 5 changed files with 146 additions and 145 deletions.
4 changes: 3 additions & 1 deletion meta/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,4 +20,6 @@ galaxy_info:
- microsoft
- windows

dependencies: []
dependencies:
- ansible.windows
- community.windows
1 change: 0 additions & 1 deletion tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
---

- name: Gather distribution info
setup:
gather_subset: distribution,!all,!min
Expand Down
54 changes: 27 additions & 27 deletions tasks/section09.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
- name: "9.1.1 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'"
- name: "9.1.1 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'"
win_regedit:
path: HKLM:\Software\Policies\Microsoft\Windowsfirewall\Domainprofile
name: EnableFirewall
Expand All @@ -13,7 +13,7 @@
- rule_9.1.1
- patch

- name: "9.1.2 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'"
- name: "9.1.2 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
name: DefaultInboundAction
Expand All @@ -27,7 +27,7 @@
- rule_9.1.2
- patch

- name: "9.1.3 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'"
- name: "9.1.3 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
name: DefaultOutboundAction
Expand All @@ -41,7 +41,7 @@
- rule_9.1.3
- patch

- name: "9.1.4 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'"
- name: "9.1.4 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
name: DisableNotifications
Expand All @@ -56,7 +56,7 @@
- patch

# title has slashes switched
- name: "9.1.5 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%/System32/logfiles/firewall/domainfw.log'"
- name: "9.1.5 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%/System32/logfiles/firewall/domainfw.log'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging
name: LogFilePath
Expand All @@ -70,7 +70,7 @@
- rule_9.1.5
- patch

- name: "9.1.6 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'"
- name: "9.1.6 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging
name: LogFileSize
Expand All @@ -84,7 +84,7 @@
- rule_9.1.6
- patch

- name: "9.1.7 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'"
- name: "9.1.7 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging
name: LogDroppedPackets
Expand All @@ -98,7 +98,7 @@
- rule_9.1.7
- patch

- name: "9.1.8 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'"
- name: "9.1.8 | PATCH | L1 | Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging
name: LogSuccessfulConnections
Expand All @@ -112,9 +112,9 @@
- rule_9.1.7
- patch

- name: "9.2.1 | PATCH | L1 | Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'"
- name: "9.2.1 | PATCH | L1 | Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'"
win_regedit:
path: HKLM:SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile
name: EnableFirewall
data: 1
type: dword
Expand All @@ -126,7 +126,7 @@
- rule_9.2.1
- patch

- name: "9.2.2 | PATCH | L1 | Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'"
- name: "9.2.2 | PATCH | L1 | Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile
name: DefaultInboundAction
Expand All @@ -140,7 +140,7 @@
- rule_9.2.2
- patch

- name: "9.2.3 | PATCH | L1 | Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'"
- name: "9.2.3 | PATCH | L1 | Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile
name: DefaultOutboundAction
Expand All @@ -154,7 +154,7 @@
- rule_9.2.3
- patch

- name: "9.2.4 | PATCH | L1 | Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No'"
- name: "9.2.4 | PATCH | L1 | Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile
name: DisableNotifications
Expand All @@ -169,7 +169,7 @@
- patch

# title has slashes switched
- name: "9.2.5 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%/System32/logfiles/firewall/privatefw.log'"
- name: "9.2.5 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%/System32/logfiles/firewall/privatefw.log'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile\Logging
name: LogFilePath
Expand All @@ -183,7 +183,7 @@
- rule_9.2.5
- patch

- name: "9.2.6 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'"
- name: "9.2.6 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile\Logging
name: LogFileSize
Expand All @@ -197,7 +197,7 @@
- rule_9.2.6
- patch

- name: "9.2.7 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'"
- name: "9.2.7 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile\Logging
name: LogDroppedPackets
Expand All @@ -211,7 +211,7 @@
- rule_9.2.7
- patch

- name: "9.2.8 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'"
- name: "9.2.8 | PATCH | L1 | Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile\Logging
name: LogSuccessfulConnections
Expand All @@ -225,7 +225,7 @@
- rule_9.2.8
- patch

- name: "9.3.1 | PATCH | L1 | Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'"
- name: "9.3.1 | PATCH | L1 | Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile
name: EnableFirewall
Expand All @@ -239,7 +239,7 @@
- rule_9.3.1
- patch

- name: "9.3.2 | PATCH | L1 | Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'"
- name: "9.3.2 | PATCH | L1 | Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile
name: DefaultInboundAction
Expand All @@ -253,7 +253,7 @@
- rule_9.3.2
- patch

- name: "9.3.3 | PATCH | L1 | Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'"
- name: "9.3.3 | PATCH | L1 | Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile
name: DefaultOutboundAction
Expand All @@ -267,7 +267,7 @@
- rule_9.3.3
- patch

- name: "9.3.4 | PATCH | L1 | Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No'"
- name: "9.3.4 | PATCH | L1 | Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile
name: DisableNotifications
Expand All @@ -281,7 +281,7 @@
- rule_9.3.4
- patch

- name: "9.3.5 | PATCH | L1 | Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'"
- name: "9.3.5 | PATCH | L1 | Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile
name: AllowLocalPolicyMerge
Expand All @@ -296,7 +296,7 @@
- rule_9.3.5
- patch

- name: "9.3.6 | PATCH | L1 | Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'"
- name: "9.3.6 | PATCH | L1 | Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile
name: AllowLocalIPsecPolicyMerge
Expand All @@ -311,7 +311,7 @@
- patch

# title has slashes switched
- name: "9.3.7 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%/System32/logfiles/firewall/publicfw.log'"
- name: "9.3.7 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%/System32/logfiles/firewall/publicfw.log'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile\Logging
name: LogFilePath
Expand All @@ -325,7 +325,7 @@
- rule_9.3.7
- patch

- name: "9.3.8 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'"
- name: "9.3.8 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile\Logging
name: LogFileSize
Expand All @@ -339,7 +339,7 @@
- rule_9.3.8
- patch

- name: "9.3.9 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'"
- name: "9.3.9 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile\Logging
name: LogDroppedPackets
Expand All @@ -353,7 +353,7 @@
- rule_9.3.9
- patch

- name: "9.3.10 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'"
- name: "9.3.10 | PATCH | L1 | Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'"
win_regedit:
path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile\Logging
name: LogSuccessfulConnections
Expand Down
Loading

0 comments on commit 90b28a9

Please sign in to comment.