Replace command with shell in persistent-firewall
We continue to see the odd task rc of -13 when running iptables-save to store persistent set of firewall rules. Switch to shell to give us a bit more debugging freedom if necessary (and to rule out the command module). Change-Id: I0c0208101cad985d4113de6b636c3816613b778c
This commit is contained in:
parent
7ce53a7732
commit
3c60b35a19
|
@ -1,16 +1,22 @@
|
||||||
- name: List current ipv4 rules
|
- name: List current ipv4 rules
|
||||||
become: yes
|
become: yes
|
||||||
command: iptables-save
|
# Using shell to try and debug why this task when run sometimes returns -13
|
||||||
|
shell: iptables-save
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
register: iptables_rules
|
register: iptables_rules
|
||||||
|
tags:
|
||||||
|
- skip_ansible_lint
|
||||||
|
|
||||||
- name: List current ipv6 rules
|
- name: List current ipv6 rules
|
||||||
become: yes
|
become: yes
|
||||||
command: ip6tables-save
|
# Using shell to try and debug why this task when run sometimes returns -13
|
||||||
|
shell: ip6tables-save
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
register: ip6tables_rules
|
register: ip6tables_rules
|
||||||
|
tags:
|
||||||
|
- skip_ansible_lint
|
||||||
|
|
||||||
- name: Configure persistent iptables rules
|
- name: Configure persistent iptables rules
|
||||||
include: "{{ item }}"
|
include: "{{ item }}"
|
||||||
|
|
Loading…
Reference in New Issue