summaryrefslogtreecommitdiffstats
path: root/roles/os_firewall
diff options
context:
space:
mode:
Diffstat (limited to 'roles/os_firewall')
-rwxr-xr-xroles/os_firewall/library/os_firewall_manage_iptables.py4
-rw-r--r--roles/os_firewall/tasks/firewall/firewalld.yml5
2 files changed, 6 insertions, 3 deletions
diff --git a/roles/os_firewall/library/os_firewall_manage_iptables.py b/roles/os_firewall/library/os_firewall_manage_iptables.py
index 8ba650994..8d4878fa7 100755
--- a/roles/os_firewall/library/os_firewall_manage_iptables.py
+++ b/roles/os_firewall/library/os_firewall_manage_iptables.py
@@ -223,7 +223,9 @@ class IpTablesManager(object): # pylint: disable=too-many-instance-attributes
def gen_cmd(self):
cmd = 'iptables' if self.ip_version == 'ipv4' else 'ip6tables'
- return ["/usr/sbin/%s" % cmd]
+ # Include -w (wait for xtables lock) in default arguments.
+ default_args = ['-w']
+ return ["/usr/sbin/%s" % cmd] + default_args
def gen_save_cmd(self): # pylint: disable=no-self-use
return ['/usr/libexec/iptables/iptables.init', 'save']
diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml
index 1101870be..c4db197ca 100644
--- a/roles/os_firewall/tasks/firewall/firewalld.yml
+++ b/roles/os_firewall/tasks/firewall/firewalld.yml
@@ -1,7 +1,8 @@
---
- name: Install firewalld packages
- package: name=firewalld state=present
- when: not openshift.common.is_containerized | bool
+ package:
+ name: firewalld
+ state: present
- name: Ensure iptables services are not enabled
systemd:
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-20 20:02:19 +0000