Update iptables.yml

2025-03-09 15:40:17 +00:00 · 2018-10-30 21:38:52 -04:00 · 2018-10-30 21:38:52 -04:00 · ce194c5abc
commit ce194c5abc
parent 811cd67eec
1 changed files with 17 additions and 18 deletions
--- a/roles/2-common/tasks/iptables.yml
+++ b/roles/2-common/tasks/iptables.yml
@ -4,12 +4,13 @@
    enabled: no
  when: not is_debuntu
- name: Use larger hammer to disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
+# Likely no longer nec as of 2019
-  shell: "systemctl disable firewalld.service"
+- name: Use larger hammer -- systemctl disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
  shell: systemctl disable firewalld.service
  when: not is_debuntu
 - name: Mask firewalld service (OS's other than debuntu)
-  shell: 'systemctl mask firewalld'
+  shell: systemctl mask firewalld
  ignore_errors: yes
  when: not installing and not is_debuntu
@ -20,17 +21,17 @@
  ignore_errors: yes
  when: not installing and not is_debuntu
- name: Remove iptables.service file from /etc
+- name: Remove /etc/systemd/system/iptables.service
  file:
    path: /etc/systemd/system/iptables.service
    state: absent
- name: Remove iptables-xs.service file from /etc
+#- name: Remove iptables-xs.service file from /etc
-  file:
+#  file:
-    path: /etc/systemd/system/iptables-xs.service
+#    path: /etc/systemd/system/iptables-xs.service
-    state: absent
+#    state: absent
- name: Install iptables service package (debuntu)
+- name: Install package iptables-persistent (debuntu)
  package:
    name: iptables-persistent
    state: present
@ -38,7 +39,7 @@
  tags:
    - download
- name: Install iptables service package (OS's other than debuntu)
+- name: Install package iptables-services (OS's other than debuntu)
  package:
    name: iptables-services
    state: present
@ -46,19 +47,17 @@
  tags:
    - download
- name: Install iptables services
+- name: Install /etc/sysconfig/iptables-config from template
  template:
-    src: "{{ item.0 }}"
+    src: iptables-config
-    dest: "{{ item.1 }}"
+    path: /etc/sysconfig/iptables-config
    owner: root
    group: root
-    mode: "{{ item.2 }}"
+    mode: 0644
  with_items:
   - { 0: 'iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' }
- name: Install Debian config (debuntu)
+- name: Install /etc/network/if-pre-up.d/iptables from template (debuntu)
  template:
    src: iptables
-    dest: /etc/network/if-pre-up.d/iptables
+    path: /etc/network/if-pre-up.d/iptables
    mode: 0755
  when: is_debuntu