I'm trying to use the iptables module, and I *think* I'm hitting a bug. Wanted
a sanity check before I open a bug report. This is Ansible 2.0.0.2. The action
looks like this:
- name: Update IPtables rules
iptables:
chain: INPUT
match: state
ctstate: NEW,RELATED,ESTABLISHED
destination_port: 6556
protocol: tcp
jump: ACCEPT
It's failing with this:
fatal: [ubuntu:]: FAILED! => {
"changed": false,
"cmd": "\/sbin\/iptables -t filter -A INPUT -p tcp -m state -j ACCEPT --
destination-port 6556 -m state --state NEW,RELATED,ESTABLISHED",
"failed": true,
"msg": "iptables v1.4.21: state: option \"--state\" must be specified\n\nTry
`iptables -h' or 'iptables --help' for more information.",
"rc": 2,
"stderr": "iptables v1.4.21: state: option \"--state\" must be
specified\n\nTry `iptables -h' or 'iptables --help' for more information.\n",
"stdout": "",
"stdout_lines": [
]
}
The command it's trying to run is this:
-t filter -A INPUT -p tcp -m state -j ACCEPT --destination-port 6556 -m state
--state NEW,RELATED,ESTABLISHED
Notice how it puts an '-m state' before the '-j ACCEPT' and then it does the
'-m state --state ..." properly later.
Bug? Or something I'm missing?
j