- ---
- - name: Old version cleanup | Delete old forward [in] iptables rules
- iptables:
- state: absent
- chain: FORWARD
- in_interface: "{{ item }}"
- jump: ACCEPT
- comment: "{{ item }} FORWARD input"
- with_items:
- - contivh0
- - contivh1
- notify: Save iptables rules
- - name: Old version cleanup | Delete old forward [out] iptables rules
- iptables:
- state: absent
- chain: FORWARD
- out_interface: "{{ item }}"
- jump: ACCEPT
- comment: "{{ item }} FORWARD output"
- with_items:
- - contivh0
- - contivh1
- notify: Save iptables rules
- - name: Old version cleanup | Delete old input iptables rules
- iptables:
- state: absent
- chain: INPUT
- protocol: "{{ item.split('/')[1] }}"
- match: "{{ item.split('/')[1] }}"
- destination_port: "{{ item.split('/')[0] }}"
- comment: "{{ item.split('/')[2] }}"
- jump: ACCEPT
- with_items:
- - "53/udp/contiv dns"
- - "4789/udp/netplugin vxlan 4789"
- - "8472/udp/netplugin vxlan 8472"
- - "9003/tcp/contiv"
- - "9002/tcp/contiv"
- - "9001/tcp/contiv"
- - "9999/tcp/contiv"
- - "10000/tcp/Contiv auth proxy service (10000)"
- notify: Save iptables rules