clean.yml 661 o
---
# TODO: find a cleaner way to handle this
# because if we flush filter and input policy is set to DROP
# then ansible next ssh cnx for next task will not work
- name: Set Policy
ansible.builtin.iptables:
chain: INPUT
policy: ACCEPT
ip_version: "{{ ip_version }}"
tags:
- molecule-idempotence-notest
# we want to flush because we don't want to save fail2ban or docker rule
- name: Flush Tables
ansible.builtin.iptables:
table: "{{ item }}"
flush: yes
ip_version: "{{ ip_version }}"
loop: "{{ iptables_tables_to_clean }}"
tags:
- molecule-idempotence-notest # as if we flush again, future rules will be re-applied