Commit Graph

6 Commits

Author SHA1 Message Date
Clark Boylan
a554a401ea Use present for package state instead of installed
Ansible 2.9 does not accept the "installed" state so we need to update
occurences of that to "present".

Change-Id: I13c95794efc63697c2418334ded7c6912bd7b59f
2019-12-17 08:24:05 -08:00
Clark Boylan
3c60b35a19 Replace command with shell in persistent-firewall
We continue to see the odd task rc of -13 when running iptables-save to
store persistent set of firewall rules. Switch to shell to give us a bit
more debugging freedom if necessary (and to rule out the command
module).

Change-Id: I0c0208101cad985d4113de6b636c3816613b778c
2019-10-02 10:18:38 -07:00
Colleen Murphy
18285584f1 Use iptables for openSUSE
In openSUSE Tumbleweed, the SuSEfirewall2 package was removed in favor
of firewalld[1]. This commit updates the iptables persistance tasks to
avoid using SuSEfirewall2 and instead use rc.local to restore saved
rules upon restart, and undefines the iptables_service variable for SUSE
since there is no service to restart any more. See the related change
for image builds[2].

[1] https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
[2] https://review.opendev.org/683236

Change-Id: I0f8d74dd00df192c20b96a9368b964839c306171
2019-09-27 15:45:01 -07:00
Matthew Thode
52da8a62fa
Add Gentoo iptables handling
Change-Id: I17a3a4dc68b189a5c8b8b48d7f5960b65d672405
2018-09-24 01:38:04 -05:00
David Moreau Simard
c5a5b6b3f7 Ensure iptables-services is installed when persisting firewall config
iptables-services might not be installed and is required if we're
expecting to be able to start a service called "iptables".

Installing that package is what provides the 'iptables' systemd unit
file.

Change-Id: Ic4ccbc3a0fb531d3d3b7924d22ed0b993a689622
2018-06-29 20:49:53 +00:00
David Moreau-Simard
0bb84bc58e
Persist iptables rules
We configured iptables rules but did not persist them.
This meant that rules would be flushed when restarting iptables or
the instance.

Change-Id: I9d90f55323a33d6a0f0dda1f7ab25d10984fa6cb
2017-10-31 17:39:32 -04:00