From ce194c5abc860e19ad949cf8dd853417e16b37f7 Mon Sep 17 00:00:00 2001
From: A Holt
Date: Tue, 30 Oct 2018 21:38:52 -0400
Subject: [PATCH] Update iptables.yml
---
 roles/2-common/tasks/iptables.yml | 35 +++++++++++++++----------------
 1 file changed, 17 insertions(+), 18 deletions(-)
diff --git a/roles/2-common/tasks/iptables.yml b/roles/2-common/tasks/iptables.yml
index d84900650..b89553ac0 100644
--- a/roles/2-common/tasks/iptables.yml
+++ b/roles/2-common/tasks/iptables.yml
@@ -4,12 +4,13 @@
 enabled: no
 when: not is_debuntu
 
-- name: Use larger hammer to disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
- shell: "systemctl disable firewalld.service"
+# Likely no longer nec as of 2019
+- name: Use larger hammer -- systemctl disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
+ shell: systemctl disable firewalld.service
 when: not is_debuntu
 
 - name: Mask firewalld service (OS's other than debuntu)
- shell: 'systemctl mask firewalld'
+ shell: systemctl mask firewalld
 ignore_errors: yes
 when: not installing and not is_debuntu
 
@@ -20,17 +21,17 @@
 ignore_errors: yes
 when: not installing and not is_debuntu
 
-- name: Remove iptables.service file from /etc
+- name: Remove /etc/systemd/system/iptables.service
 file:
 path: /etc/systemd/system/iptables.service
 state: absent
 
-- name: Remove iptables-xs.service file from /etc
- file:
- path: /etc/systemd/system/iptables-xs.service
- state: absent
+#- name: Remove iptables-xs.service file from /etc
+# file:
+# path: /etc/systemd/system/iptables-xs.service
+# state: absent
 
-- name: Install iptables service package (debuntu)
+- name: Install package iptables-persistent (debuntu)
 package:
 name: iptables-persistent
 state: present
@@ -38,7 +39,7 @@
 tags:
 - download
 
-- name: Install iptables service package (OS's other than debuntu)
+- name: Install package iptables-services (OS's other than debuntu)
 package:
 name: iptables-services
 state: present
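Review bot: The mask task keeps `ignore_errors: yes` on a bare `shell: systemctl mask firewalld`, so a mask that fails for any reason is indistinguishable from firewalld simply not being installed, and the play continues with the firewall state unknown. Both `shell:` tasks also report changed on every run. The `systemd` module with `name: firewalld` and `masked: yes` (and `enabled: no` for the disable task) would make the steps idempotent and let the result be checked with a narrower `failed_when` instead of a blanket ignore. The added comment `# Likely no longer nec as of 2019` would help more if it named what made the disable task unnecessary.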
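Review bot: The iptables-xs.service cleanup is commented out rather than deleted, with no note on why, so a host that still carries `/etc/systemd/system/iptables-xs.service` from an earlier install now keeps it. Whether that unit could still be enabled and load an older rule set cannot be seen from this hunk, so it is worth confirming before dropping the removal. If the cleanup is obsolete, delete the four lines; otherwise put a reason above them, for example `# iptables-xs.service cleanup disabled because <reason>`.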
@@ -46,19 +47,17 @@
 tags:
 - download
 
-- name: Install iptables services
+- name: Install /etc/sysconfig/iptables-config from template
 template:
- src: "{{ item.0 }}"
- dest: "{{ item.1 }}"
+ src: iptables-config
+ path: /etc/sysconfig/iptables-config
 owner: root
 group: root
- mode: "{{ item.2 }}"
- with_items:
- - { 0: 'iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' }
+ mode: 0644
 
-- name: Install Debian config (debuntu)
+- name: Install /etc/network/if-pre-up.d/iptables from template (debuntu)
 template:
 src: iptables
- dest: /etc/network/if-pre-up.d/iptables
+ path: /etc/network/if-pre-up.d/iptables
 mode: 0755
 when: is_debuntu
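Review bot: The `template` module takes `dest`, not `path`, so both template tasks in this hunk will be rejected for a missing `dest`, and neither the iptables config nor the if-pre-up.d script gets installed. Keep the old key: `dest: /etc/sysconfig/iptables-config` and `dest: /etc/network/if-pre-up.d/iptables`. The first task's mode also went from a quoted string to a bare integer; writing `mode: '0644'` and `mode: '0755'` avoids relying on the YAML parser's octal handling for the permissions on these root-owned files.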