c5a5b6b3f7
iptables-services might not be installed and is required if we're expecting to be able to start a service called "iptables". Installing that package is what provides the 'iptables' systemd unit file. Change-Id: Ic4ccbc3a0fb531d3d3b7924d22ed0b993a689622
26 lines
574 B
YAML
26 lines
574 B
YAML
- name: Persist ipv4 rules
|
|
become: yes
|
|
copy:
|
|
content: "{{ iptables_rules.stdout }}"
|
|
dest: "/etc/sysconfig/iptables"
|
|
|
|
- name: Persist ipv6 rules
|
|
become: yes
|
|
copy:
|
|
content: "{{ ip6tables_rules.stdout }}"
|
|
dest: "/etc/sysconfig/ip6tables"
|
|
|
|
# This provides the systemd unit file for iptables which might not be installed
|
|
- name: Ensure iptables-services is installed
|
|
become: yes
|
|
package:
|
|
name: iptables-services
|
|
state: present
|
|
|
|
- name: Ensure iptables is started
|
|
become: yes
|
|
service:
|
|
name: iptables
|
|
state: started
|
|
enabled: yes
|