zuul-jobs/roles/persistent-firewall/tasks/persist/Suse.yaml

- name: Persist ipv4 rules
  become: yes
  copy:
    content: "{{ iptables_rules.stdout }}"
    dest: "/etc/sysconfig/iptables"

- name: Persist ipv6 rules
  become: yes
  copy:
    content: "{{ ip6tables_rules.stdout }}"
    dest: "/etc/sysconfig/ip6tables"

- name: Configure rc.local to restore saved rules on restart
  become: yes
  blockinfile:
    path: /etc/init.d/boot.local
    insertbefore: "exit 0"
    content: |
      iptables-restore /etc/sysconfig/iptables
      ip6tables-restore /etc/sysconfig/ip6tables