From 244de034d8d82f65d3dcddb00a74dcf4f7f3a380 Mon Sep 17 00:00:00 2001
From: f
Date: Sun, 19 Jun 2022 02:52:54 -0300
Subject: [PATCH] don't modify the firewall
---
 tasks/post_install.yml | 2 ++
 templates/etc/conf.d/ip6tables.j2 | 14 ++++++++++++++
 templates/etc/conf.d/iptables.j2 | 14 ++++++++++++++
 3 files changed, 30 insertions(+)
 create mode 100644 templates/etc/conf.d/ip6tables.j2
 create mode 100644 templates/etc/conf.d/iptables.j2
diff --git a/tasks/post_install.yml b/tasks/post_install.yml
index 118adf9..68cced5 100644
--- a/tasks/post_install.yml
+++ b/tasks/post_install.yml
@@ -56,6 +56,8 @@
 dest: "{{ item }}"
 mode: "640"
 loop:
+ - /etc/conf.d/iptables
+ - /etc/conf.d/ip6tables
 - /etc/iptables/rules6-save
 - /etc/iptables/rules-save
 - /etc/ipset.d/blocklist4
diff --git a/templates/etc/conf.d/ip6tables.j2 b/templates/etc/conf.d/ip6tables.j2
new file mode 100644
index 0000000..b8f9e0a
--- /dev/null
+++ b/templates/etc/conf.d/ip6tables.j2
@@ -0,0 +1,14 @@
+# /etc/conf.d/ip6tables
+
+# Location in which ip6tables initscript will save set rules on
+# service shutdown
+IP6TABLES_SAVE="/etc/iptables/rules6-save"
+
+# Options to pass to ip6tables-save and ip6tables-restore
+SAVE_RESTORE_OPTIONS="-c"
+
+# Save state on stopping iptables
+SAVE_ON_STOP="no"
+
+# Enable/disable IPv6 forwarding with the rules
+IPFORWARD="no"
diff --git a/templates/etc/conf.d/iptables.j2 b/templates/etc/conf.d/iptables.j2
new file mode 100644
index 0000000..3efea7f
--- /dev/null
+++ b/templates/etc/conf.d/iptables.j2
@@ -0,0 +1,14 @@
+# /etc/conf.d/iptables
+
+# Location in which iptables initscript will save set rules on
+# service shutdown
+IPTABLES_SAVE="/etc/iptables/rules-save"
+
+# Options to pass to iptables-save and iptables-restore
+SAVE_RESTORE_OPTIONS="-c"
+
+# Save state on stopping iptables
+SAVE_ON_STOP="no"
+
+# Enable/disable IPv4 forwarding with the rules
+IPFORWARD="no"
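Review bot: Nothing in the new ip6tables.j2 says that the file is managed or why `SAVE_ON_STOP="no"` is set, so an admin who adds a rule by hand at runtime will presumably lose it at the next service restart without any hint why. Add a header line such as `# {{ ansible_managed }}` and, above `SAVE_ON_STOP`, a comment like `# Rules are deployed from the managed save file; runtime changes are deliberately not written back on stop`. The existing comment on that setting also says "iptables" where this file configures ip6tables. The same header and rationale are missing from templates/etc/conf.d/iptables.j2.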
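Review bot: `IPFORWARD="no"` is hard-coded in iptables.j2 although the file is a Jinja template, so a host that has to route traffic (for example a VPN gateway or container host) cannot override it without replacing the template. If the role is ever applied to such hosts, take the value from a variable and keep the current value as the default, e.g. `IPFORWARD="{{ iptables_ipforward | default('no') }}"`; the variable name here is only a suggestion, not one the role already defines. The same applies to the IPv6 setting in templates/etc/conf.d/ip6tables.j2.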