I am trying to determine if iptables/firewalld is running or not. If the
service/daemon is not running, I want to leave it that way. Otherwise, I
would like to bounce it. Below is my attempt to perform this. If there is
another/better way to do what I am trying to do, I am open to learn. :)

In vars...

net_lst6:
  - { portnum: "135", inetprot: "tcp" }
  - { portnum: "137:138", inetprot: "udp" }
  - { portnum: "139", inetprot: "tcp" }
  - { portnum: "445", inetprot: "tcp" }

In tasks....

- name: check iptables status
  command: 'service iptables status | grep -i "not" | wc -l'
  when: ansible_distribution_major_version == "6"
  register: service_status

- name: setup iptables
  iptables:
    chain: INPUT
    protocol: "{{item.inetprot}}"
    state: present
    destination_port: "{{item.portnum}}"
  when: ( "ansible_distribution_major_version" == "6" ) and ( "service_status" != "1" )
  with_items: "{{net_lst6}}"
  notify: restart iptables

I am getting the error below.
TASK [test : check iptables status] ********************************
fatal: [server1]: FAILED! => {"changed": true, "cmd": ["service",
"iptables", "status", "|", "grep", "-i", "not", "|", "wc", "-l"], "delta":
"0:00:00.066634", "end": "2016-04-22 08:51:36.866972", "failed": true,
"rc": 3, "start": "2016-04-22 08:51:36.800338", "stderr": "", "stdout":
"iptables: Firewall is not running.", "stdout_lines": ["iptables: Firewall
is not running."], "warnings": ["Consider using service module rather than
running service"]}
Help.
Thank you in advance.
Regards,
J
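
One way to write the check described above, as an added example that is not part of the original post. It reads the exit code of the status command instead of piping through grep; `hosts: all`, `become` and the handler body are assumptions, since the post does not show them.

```yaml
# Added example, not the poster's code. hosts, become and the handler
# body are assumptions; vars and task names are taken from the post.
- hosts: all
  become: true
  vars:
    net_lst6:
      - { portnum: "135", inetprot: "tcp" }
      - { portnum: "137:138", inetprot: "udp" }
      - { portnum: "139", inetprot: "tcp" }
      - { portnum: "445", inetprot: "tcp" }

  tasks:
    - name: check iptables status
      # command does not run a shell, so "|" is passed to `service` as a
      # plain argument (visible in "cmd" in the error output). Use the
      # exit code rather than grep/wc.
      command: service iptables status
      register: service_status
      changed_when: false   # a status query never changes the host
      # rc 3 is what the post's output shows for "Firewall is not running";
      # treat it as an answer, not a task failure.
      failed_when: service_status.rc not in [0, 3]
      when: ansible_distribution_major_version == "6"

    - name: setup iptables
      # As in the post, no jump is set, so the rule only counts matching
      # packets; set `jump:` to the intended target.
      iptables:
        chain: INPUT
        protocol: "{{ item.inetprot }}"
        destination_port: "{{ item.portnum }}"
        state: present
      with_items: "{{ net_lst6 }}"
      # Bare names are variables; in quotes they are string literals, so
      # "ansible_distribution_major_version" == "6" can never be true.
      # The list is ANDed in order, so rc is only read on version 6 hosts.
      when:
        - ansible_distribution_major_version == "6"
        - service_status.rc == 0
      notify: restart iptables

  handlers:
    - name: restart iptables
      service:
        name: iptables
        state: restarted
```

The iptables module only edits the in-memory rule set, so a restart that reloads the saved rules file drops these rules unless they are saved first.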