Re: [ansible-project] Re: But in iptables module?

2016-03-20 Thread Martin Terp Jensen 
I belive you need to use "match: conntrack" instead of "match: state" when
using ctstate

On Sun, Mar 20, 2016 at 6:41 AM, Dejay Clayton 
wrote:

> Looks like a bug to me.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/39b833ee-bed0-434d-87ff-e3bd3429a6ff%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPS4kBgvmf4_xd%2Bk1pHcDZcfgU2t0kzB9HhDN2-UP-kr7ZigWw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: But in iptables module?

2016-03-20 Thread Martin Terp Jensen 
I belive you need to use "match: conntrack" instead of "match: state" when 
using ctstate

On Friday, March 18, 2016 at 10:07:49 PM UTC+1, Joshua Kugler wrote:
>
> I'm trying to use the iptables module, and I *think* I'm hitting a bug. 
> Wanted 
> a sanity check before I open a bug report. This is Ansible 2.0.0.2. The 
> action 
> looks like this: 
>
>- name: Update IPtables rules 
>  iptables: 
>chain: INPUT 
>match: state 
>ctstate: NEW,RELATED,ESTABLISHED 
>destination_port: 6556 
>protocol: tcp 
>jump: ACCEPT 
>
> It's failing with this: 
>
>   fatal: [ubuntu:]: FAILED! => { 
>   "changed": false, 
>   "cmd": "\/sbin\/iptables -t filter -A INPUT -p tcp -m state -j ACCEPT -- 
> destination-port 6556 -m state --state NEW,RELATED,ESTABLISHED", 
>   "failed": true, 
>   "msg": "iptables v1.4.21: state: option \"--state\" must be 
> specified\n\nTry 
> `iptables -h' or 'iptables --help' for more information.", 
>   "rc": 2, 
>   "stderr": "iptables v1.4.21: state: option \"--state\" must be 
> specified\n\nTry `iptables -h' or 'iptables --help' for more 
> information.\n", 
>   "stdout": "", 
>   "stdout_lines": [ 
> 
>   ] 
> } 
>
> The command it's trying to run is this: 
>
> -t filter -A INPUT -p tcp -m state -j ACCEPT --destination-port 6556 -m 
> state 
> --state NEW,RELATED,ESTABLISHED 
>
> Notice how it puts an '-m state' before the '-j ACCEPT' and then it does 
> the 
> '-m state --state ..." properly later. 
>
> Bug? Or something I'm missing? 
>
> j 
>
>
>
> -- 
> Joshua J. Kugler - Fairbanks, Alaska 
> Azariah Enterprises - Programming and Website Design 
> jos...@azariah.com  - Jabber: peda...@gmail.com  
> PGP Key: http://pgp.mit.edu/  ID 0x73B13B6A 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a322a127-e227-44be-bd34-dd047cf1d683%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: But in iptables module?

2016-03-19 Thread Dejay Clayton 
Looks like a bug to me.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/39b833ee-bed0-434d-87ff-e3bd3429a6ff%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.