Make reloading of firewall rules on update optional.
@@ -24,3 +24,4 @@ iptables_rules_v6:
|
|||||||
policy: ACCEPT
|
policy: ACCEPT
|
||||||
OUTPUT:
|
OUTPUT:
|
||||||
policy: ACCEPT
|
policy: ACCEPT
|
||||||
|
iptables_reload_on_update: true
|
||||||
|
|||||||
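Review bot: `iptables_reload_on_update` is added to the defaults without a comment saying what setting it to `false` means for the running firewall. I would add a line above it such as `# When false, the rules files are written but not loaded; the active ruleset stays as it was until netfilter-persistent is next reloaded.` so that someone disabling the reload knows the host keeps enforcing the old rules.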
@@ -1,2 +0,0 @@
|
|||||||
- name: Reload netfilter-persistent
|
|
||||||
command: netfilter-persistent reload
|
|
||||||
@@ -6,10 +6,14 @@
|
|||||||
template:
|
template:
|
||||||
src: rules-v4.j2
|
src: rules-v4.j2
|
||||||
dest: /etc/iptables/rules.v4
|
dest: /etc/iptables/rules.v4
|
||||||
notify: Reload netfilter-persistent
|
register: rules_v4
|
||||||
|
|
||||||
- name: rules.v6
|
- name: rules.v6
|
||||||
template:
|
template:
|
||||||
src: rules-v6.j2
|
src: rules-v6.j2
|
||||||
dest: /etc/iptables/rules.v6
|
dest: /etc/iptables/rules.v6
|
||||||
notify: Reload netfilter-persistent
|
register: rules_v6
|
||||||
|
|
||||||
|
- name: Reload netfilter-persistent
|
||||||
|
command: /usr/sbin/netfilter-persistent reload
|
||||||
|
when: iptables_reload_on_update and ( rules_v4 is changed or rules_v6 is changed )
|
||||||
|
|||||||
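Review bot: The new `when:` on the Reload netfilter-persistent task tests `iptables_reload_on_update` as a bare variable, so a value that arrives as a string (for example `-e iptables_reload_on_update=false`) is likely to evaluate as truthy and the reload would still run; `when: iptables_reload_on_update | bool and (rules_v4 is changed or rules_v6 is changed)` avoids that. With the flag off, /etc/iptables/rules.v4 and rules.v6 change on disk while the kernel keeps the old ruleset, and nothing in the play reports that gap. A syntax error in a rendered file would then surface only at the next load, so a `validate:` entry on the two template tasks (an `iptables-restore --test %s` style check) would be worth adding; the rules.v4 task starts above the hunk.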