From a0a9123ca1a9e4c07f2c118f9c4304791b3592a5 Mon Sep 17 00:00:00 2001 From: Andy Kl Date: Tue, 30 Jun 2020 01:27:44 +0200 Subject: [PATCH] add examples --- README.md | 62 +++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 46 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 8bc8282..f0384b5 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,28 @@ The following variable is used to define the default zone of firewalld: --- +The following variables are used to define which interfaces assigned to zones: + +``` + firewalld_zone_interfaces: + - name: (required, e.g. public) + interfaces: (required, list of interfaces, one or multiple possible) +``` + +Example: +``` + firewalld_zone_interfaces: + - name: trusted + interfaces: + - eth1 + - eth2 + - name: public + interfaces: + - eth0 +``` + +--- + The following variables are used to define the source of a zone: ``` @@ -48,13 +70,36 @@ The following variables are used to define a service rule: ``` firewalld_service_rules: - service: + name: + service: (optional, default: use name if service is not defined) state: (optional, only values: enabled|disabled, default: enabled) zone: (optional, default: public) permanent: (optional, only values: true|false, default: true) immediate: (optional, only values: true|false, default: true) ``` +Examples: +``` + firewalld_service_rules: + ssh: + state: enabled + zone: public + permanent: true + immediate: true +``` +or +``` + firewalld_service_rules: + ssh_trusted: + service: ssh + state: enabled + zone: trusted + ssh_public: + service: ssh + state: enabled + zone: public +``` + --- The following variables are used to purge undefined active service rules: 
@@ -80,21 +125,6 @@ The following variables are used to define a port rule: --- -The following variables are used to define which interfaces assigned to zones: - -``` - firewalld_zone_interfaces: - - name: trusted - interfaces: - - eth1 - - eth2 - - name: public - interfaces: - - eth0 -``` - ---- - The following variables are used to define a rich rule: ```
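Review bot: In the first hunk (@@ -31,6 +31,28 @@) the added sentence "The following variables are used to define which interfaces assigned to zones:" is missing its verb, and the example below it binds eth1 and eth2 to `trusted` without saying what that zone does. Suggest "which interfaces are assigned to zones", plus one line under the example noting that firewalld's trusted zone accepts all incoming connections, so the interface names have to be adapted before the snippet is copied into a playbook. It would also help to state whether an interface that appears in no list stays in the default zone described just above this section.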
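Review bot: In the second hunk (@@ -48,13 +70,36 @@) the schema line `name:` reads as a literal key, while both examples use the rule name itself as the key (`ssh:`, `ssh_trusted:`, `ssh_public:`). Mark it as a placeholder, for example `<name>: (required, free-form rule name)`, and state next to `service:` that it falls back to that key, which is what the first example relies on. The second example leaves out `permanent` and `immediate`; a short remark that the documented defaults (true) then apply would keep readers from assuming those two rules are runtime-only.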
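Review bot: The last hunk (@@ -80,21 +125,6 @@) deletes the `firewalld_zone_interfaces` section from its old place after the port rules, which together with the first hunk amounts to moving the section, yet the subject "add examples" mentions only examples. Suggest naming the reordering in the commit message, along with the new optional `service:` key from the second hunk, so the README history can be searched for both changes.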