From c5a5b6b3f79808a91ca7b103806b96880d382c28 Mon Sep 17 00:00:00 2001 From: David Moreau Simard Date: Fri, 29 Jun 2018 16:46:00 -0400 Subject: [PATCH] Ensure iptables-services is installed when persisting firewall config iptables-services might not be installed and is required if we're expecting to be able to start a service called "iptables". Installing that package is what provides the 'iptables' systemd unit file. Change-Id: Ic4ccbc3a0fb531d3d3b7924d22ed0b993a689622 --- roles/persistent-firewall/tasks/persist/RedHat.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/persistent-firewall/tasks/persist/RedHat.yaml b/roles/persistent-firewall/tasks/persist/RedHat.yaml index 55f7bd7f0..83944c17a 100644 --- a/roles/persistent-firewall/tasks/persist/RedHat.yaml +++ b/roles/persistent-firewall/tasks/persist/RedHat.yaml @@ -10,6 +10,13 @@ content: "{{ ip6tables_rules.stdout }}" dest: "/etc/sysconfig/ip6tables" +# This provides the systemd unit file for iptables which might not be installed +- name: Ensure iptables-services is installed + become: yes + package: + name: iptables-services + state: present + - name: Ensure iptables is started become: yes service: