Skip to content

Instantly share code, notes, and snippets.

@rdeknijf
Created September 25, 2017 09:07
Show Gist options
  • Save rdeknijf/f6d847dc88c217129415c3d2e5372cdc to your computer and use it in GitHub Desktop.
Save rdeknijf/f6d847dc88c217129415c3d2e5372cdc to your computer and use it in GitHub Desktop.
Ansible iptables expected result (2.3)
TASK [rdeknijf.openvpn : iptables - Allow VPN forwarding] ************************************************ [1518/3663]
task path: /home/rdeknijf/projects/kieskeurig/openvpn/deploy/ansible/roles-vendor/rdeknijf.openvpn/tasks/iptables.yml:7
Monday 25 September 2017 10:37:55 +0200 (0:00:00.312) 0:00:02.561 ******
Using module file /usr/local/lib/python2.7/dist-packages/ansible/modules/system/iptables.py
<main-001.openvpn.prd.main.aws.kieskeurighost.nl> ESTABLISH SSH CONNECTION FOR USER: None
<main-001.openvpn.prd.main.aws.kieskeurighost.nl> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-wit
h-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/rdeknijf/.ansible/cp/8a8191f72f main-001.openvpn.prd.main.aws.kieskeurighost.nl '/bin/sh -c '"'"'sudo
-H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-cnucaalhqedxtqppcrpluqiyflsgpihs; /usr/bin/python'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<main-001.openvpn.prd.main.aws.kieskeurighost.nl> (0, '\n{"chain": "FORWARD", "changed": true, "rule": "-s 10.9.0.0/24 -m comment --comment Allow VPN forwarding", "failed": false, "state": "present", "flush": fal
se, "invocation": {"module_args": {"comment": "Allow VPN forwarding", "set_counters": null, "chain": "FORWARD", "out_interface": null, "limit_burst": null, "ctstate": [], "jump": null, "to_ports": null, "flush":
false, "protocol": null, "icmp_type": null, "to_destination": null, "uid_owner": null, "set_dscp_mark_class": null, "destination": null, "set_dscp_mark": null, "source": "10.9.0.0/24", "state": "present", "policy
": "ACCEPT", "match": [], "goto": null, "fragment": null, "to_source": null, "in_interface": null, "source_port": null, "destination_port": null, "table": "filter", "reject_with": null, "limit": null, "action": "
append", "ip_version": "ipv4"}}, "table": "filter", "ip_version": "ipv4"}\n', '')
changed: [main-001.openvpn.prd.main.aws.kieskeurighost.nl] => {
"chain": "FORWARD",
"changed": true,
"failed": false,
"flush": false,
"invocation": {
"module_args": {
"action": "append",
"chain": "FORWARD",
"comment": "Allow VPN forwarding",
"ctstate": [],
"destination": null,
"destination_port": null,
"flush": false,
"fragment": null,
"goto": null,
"icmp_type": null,
"in_interface": null,
"ip_version": "ipv4",
"jump": null,
"limit": null,
"limit_burst": null,
"match": [],
"out_interface": null,
"policy": "ACCEPT",
"protocol": null,
"reject_with": null,
"set_counters": null,
"set_dscp_mark": null,
"set_dscp_mark_class": null,
"source": "10.9.0.0/24",
"source_port": null,
"state": "present",
"table": "filter",
"to_destination": null,
"to_ports": null,
"to_source": null,
"uid_owner": null
}
},
"ip_version": "ipv4",
"rule": "-s 10.9.0.0/24 -m comment --comment Allow VPN forwarding",
"state": "present",
"table": "filter"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment