geerlingguy / ansible-role-firewall

Ansible Role - iptables Firewall configuration.
https://galaxy.ansible.com/geerlingguy/firewall/
MIT License

need to run it twice #70

Closed michaelsstuff closed 4 years ago

michaelsstuff commented 4 years ago

Hi,

I run this role with the following vars:

firewall_state: stopped
firewall_enabled_at_boot: false
firewall_disable_firewalld: true

Before the first run, the firewall is off (freshly installed) and after the run, the firewall is up and running (and blocking):

[root@el8-test user]# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p udp -m udp --sport 123 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m limit --limit 15/min -j LOG --log-prefix "Dropped by firewall: " --log-level 7
-A INPUT -j DROP
-A OUTPUT -p udp -m udp --dport 123 -j ACCEPT

If I run the playbook again, it changes the "Configure the firewall service." and then the firewall is actually stopped:

iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
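
A post-run check for the behaviour reported above, added here as an example (it is not code from the issue or from the role): it classifies an `iptables -S` dump as "running" or "stopped" so a playbook or CI job can assert on the state it asked for instead of trusting the task result. The function names are assumptions, and the two sample dumps are constructed from the output shown in the report.

```shell
#!/bin/sh
# Classify an `iptables -S` dump.
# "running": at least one -A/-I rule is loaded, or a chain policy is not ACCEPT.
# "stopped": only ACCEPT policies remain (what firewall_state: stopped should leave).
firewall_state_of() {
    printf '%s\n' "$1" | awk '
        /^-P / { if ($3 != "ACCEPT") active = 1; next }   # chain policy lines
        /^-[AI] / { active = 1 }                          # any appended/inserted rule
        END { print (active ? "running" : "stopped") }'
}

# check_state DESIRED DUMP -> returns 0 if DUMP matches DESIRED, 1 otherwise.
# Run after the playbook, e.g.: check_state stopped "$(iptables -S)"
check_state() {
    actual=$(firewall_state_of "$2")
    if [ "$actual" = "$1" ]; then
        return 0
    fi
    echo "firewall is $actual, expected $1" >&2
    return 1
}

# Constructed samples, abridged from the two dumps in the issue.
FIRST_RUN='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP'

SECOND_RUN='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Stand-alone demo: the first dump is "running", the second "stopped".
echo "after first run:  $(firewall_state_of "$FIRST_RUN")"
echo "after second run: $(firewall_state_of "$SECOND_RUN")"
```
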

stale[bot] commented 4 years ago

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.

stale[bot] commented 4 years ago

This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.