debops / ansible-ferm

Manage iptables firewall using ferm
GNU General Public License v3.0

Per default skip running ferm in docker guests. #23

Closed htgoebel closed 9 years ago

htgoebel commented 9 years ago

Note: |bool is required due to the deficits of Jinja evaluation and Ansible's interpretation of the results of Jinja evaluation.

drybjed commented 9 years ago

I would go in a different direction on this - instead of specifying which host types should or shouldn't manage iptables, the ferm role can just check if the cap_net_admin capability is present, or if capabilities are even enforced. This way, the role will behave correctly (managing iptables or not) on any combination of hosts.

I'm looking into a way to add that information to Ansible.
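
An added example (not part of this thread and not DebOps code) of the check described in the comment above: it reads the capability masks from `/proc/<pid>/status` text and tests bit 12, `CAP_NET_ADMIN`. The sample status excerpts are constructed, the function names are hypothetical, and treating missing `CapEff`/`CapBnd` lines as "capabilities not enforced" is an assumption.

```python
"""Decide from Linux capability sets whether a host can manage iptables."""
import os

CAP_NET_ADMIN = 12  # bit index defined in <linux/capability.h>

# Constructed /proc/<pid>/status excerpts for a root process (not real captures).
CONTAINER_RESTRICTED = "Name:\tsh\nCapInh:\t0000000000000000\n" \
    "CapPrm:\t00000000a80425fb\nCapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n"
FULL_HOST = "Name:\tsh\nCapInh:\t0000000000000000\n" \
    "CapPrm:\t0000003fffffffff\nCapEff:\t0000003fffffffff\nCapBnd:\t0000003fffffffff\n"
UNPRIVILEGED = "Name:\tsh\nCapPrm:\t0000000000000000\n" \
    "CapEff:\t0000000000000000\nCapBnd:\t0000003fffffffff\n"
NO_CAP_LINES = "Name:\tsh\nState:\tS (sleeping)\n"


def parse_cap_sets(status_text):
    """Return {'CapEff': int, 'CapBnd': int, ...} parsed from status text."""
    sets = {}
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        if key.startswith("Cap"):
            sets[key] = int(value.strip(), 16)
    return sets


def can_manage_iptables(status_text):
    """True if CAP_NET_ADMIN is usable, or if no capability sets are reported."""
    sets = parse_cap_sets(status_text)
    if "CapEff" not in sets or "CapBnd" not in sets:
        # Assumption: no capability lines means capabilities are not enforced.
        return True
    bit = 1 << CAP_NET_ADMIN
    # The capability must be effective now and still allowed by the bounding set.
    return bool(sets["CapEff"] & bit) and bool(sets["CapBnd"] & bit)


if __name__ == "__main__":
    # On a Linux target, run as the user the role would use (normally root).
    path = "/proc/self/status"
    if os.path.exists(path):
        with open(path) as handle:
            print("manage iptables:", can_manage_iptables(handle.read()))
```

A role could expose the result as a fact and make its iptables tasks conditional on it, so the decision follows the privileges actually granted rather than the virtualization type.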

htgoebel commented 9 years ago

drybjed has implemented a better solution.