I am trying to determine if iptables/firewalld is running or not. If the service/daemon is not running, I want to leave it that way. Otherwise, I would like to bounce it. Below is my attempt to perform this. If there is another/better way to do what I am trying to do, I am open to learn. 
In vars…
net_lst6:
-
{ portnum: “135”, inetprot: “tcp” }
-
{ portnum: “137:138”, inetprot: “udp” }
-
{ portnum: “139”, inetprot: “tcp” }
-
{ portnum: “445”, inetprot: “tcp” }
In tasks…
-
name: check iptables status
command: ‘service iptables status | grep -i “not” | wc -l’
when: ansible_distribution_major_version == “6”
register: service_status -
name: setup iptables
iptables:
chain: INPUT
protocol: “{{item.inetprot}}”
state: present
destination_port: “{{item.portnum}}”
when: ( “ansible_distribution_major_version” == “6” ) and ( “service_status” != “1” )
with_items: “{{net_lst6}}”
notify: restart iptables
I am getting the error below.
TASK [test : check iptables status] ********************************
fatal: [server1]: FAILED! => {“changed”: true, “cmd”: [“service”, “iptables”, “status”, “|”, “grep”, “-i”, “not”, “|”, “wc”, “-l”], “delta”: “0:00:00.066634”, “end”: “2016-04-22 08:51:36.866972”, “failed”: true, “rc”: 3, “start”: “2016-04-22 08:51:36.800338”, “stderr”: “”, “stdout”: “iptables: Firewall is not running.”, “stdout_lines”: [“iptables: Firewall is not running.”], “warnings”: [“Consider using service module rather than running service”]}
Help.
Thank you in advance.
Regards,
J