summaryrefslogtreecommitdiffstats
path: root/roles/os_firewall/tasks/firewall/iptables.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/os_firewall/tasks/firewall/iptables.yml')
-rw-r--r--roles/os_firewall/tasks/firewall/iptables.yml18
1 files changed, 18 insertions, 0 deletions
diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml
index 070fe6a3a..774916798 100644
--- a/roles/os_firewall/tasks/firewall/iptables.yml
+++ b/roles/os_firewall/tasks/firewall/iptables.yml
@@ -32,6 +32,24 @@
command: systemctl daemon-reload
when: install_result | changed
+- name: Determine if iptables service masked
+ command: >
+ systemctl is-enabled {{ item }}
+ with_items:
+ - iptables
+ - ip6tables
+ register: os_firewall_iptables_masked_output
+ changed_when: false
+ failed_when: false
+
+- name: Unmask iptables service
+ command: >
+ systemctl unmask {{ item }}
+ with_items:
+ - iptables
+ - ip6tables
+ when: "'masked' in os_firewall_iptables_masked_output.results | map(attribute='stdout')"
+
- name: Start and enable iptables service
service:
name: iptables
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-06 06:14:19 +0000