| 12345678910111213141516171819202122232425262728293031323334353637383940414243 |
- ---
- - name: Ensure firewalld service is not enabled
- systemd:
- name: firewalld
- state: stopped
- enabled: no
- masked: yes
- register: task_result
- failed_when: task_result|failed and 'could not' not in task_result.msg|lower
- - name: Wait 10 seconds after disabling firewalld
- pause:
- seconds: 10
- when: task_result | changed
- - name: Install iptables packages
- package:
- name: "{{ item }}"
- state: present
- with_items:
- - iptables
- - iptables-services
- when: not r_os_firewall_is_atomic | bool
- register: result
- until: result | success
- - name: Start and enable iptables service
- systemd:
- name: iptables
- state: started
- enabled: yes
- masked: no
- daemon_reload: yes
- register: result
- delegate_to: "{{item}}"
- run_once: true
- with_items: "{{ ansible_play_batch }}"
- - name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail
- pause:
- seconds: 10
- when: result | changed
|
