Skip to content
Extraits de code Groupes Projets
Vue normale Lien permanent
clean.yml 661 octets
Newer Older
Fanch's avatar
add first working version
Fanch a validé
1 2 
---
Fanch's avatar
re-enable flush + fix force input  
Fanch a validé
3 4 5 6 7 8 9 10 11 12 13 14 
# TODO: find a cleaner way to handle this
# because if we flush filter and input policy is set to DROP
# then ansible next ssh cnx for next task will not work
- name: Set Policy
  ansible.builtin.iptables:
    chain: INPUT
    policy: ACCEPT
    ip_version: "{{ ip_version }}"
  tags:
    - molecule-idempotence-notest

# we want to flush because we don't want to save fail2ban or docker rule
Fanch's avatar
add first working version
Fanch a validé
15 16 17 18 19 20 
- name: Flush Tables
  ansible.builtin.iptables:
    table: "{{ item }}"
    flush: yes
    ip_version: "{{ ip_version }}"
  loop:  "{{ iptables_tables_to_clean }}"
Fanch's avatar
enable idempotence test  
Fanch a validé
21 22 
  tags:
    - molecule-idempotence-notest # as if we flush again, future rules will be re-applied