- name: Disable firewalld service (OS's other than debuntu)
  service:
    name: firewalld
    enabled: no
  when: not is_debuntu

# Likely no longer nec as of 2019
- name: Use larger hammer -- systemctl disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
  shell: systemctl disable firewalld.service
  when: not is_debuntu

- name: Mask firewalld service (OS's other than debuntu)
  shell: systemctl mask firewalld
  ignore_errors: yes
  when: not installing and not is_debuntu

- name: Stop firewalld service (OS's other than debuntu)
  service:
    name: firewalld
    state: stopped
  ignore_errors: yes
  when: not installing and not is_debuntu

- name: Remove /etc/systemd/system/iptables.service
  file:
    path: /etc/systemd/system/iptables.service
    state: absent

#- name: Remove iptables-xs.service file from /etc
#  file:
#    path: /etc/systemd/system/iptables-xs.service
#    state: absent

- name: Install package iptables-persistent (debuntu)
  package:
    name: iptables-persistent
    state: present
  when: is_debuntu | bool
  tags:
    - download

- name: Install package iptables-services (OS's other than debuntu)
  package:
    name: iptables-services
    state: present
  when: not is_debuntu
  tags:
    - download

- name: Install /etc/sysconfig/iptables-config from template
  template:
    src: iptables-config
    dest: /etc/sysconfig/iptables-config
    owner: root
    group: root
    mode: 0644

- name: Install /etc/network/if-pre-up.d/iptables from template (debuntu)
  template:
    src: iptables
    dest: /etc/network/if-pre-up.d/iptables
    mode: 0755
  when: is_debuntu | bool