--- iptables-service-config-1: file.managed: - name: /etc/systemd/system/iptables.service - source: salt://firewall/iptables.service.j2 - template: jinja - watch_in: cmd: iptables-reload-systemd - require: - pkg: iptables-pkg iptables-service-config-2: file.managed: - name: /lib/systemd/system/iptables.service - source: salt://firewall/iptables.service.j2 - template: jinja - watch_in: cmd: iptables-reload-systemd - require: - pkg: iptables-pkg iptables-reload-systemd: cmd.run: - name: systemctl daemon-reload - require: - pkg: iptables-pkg iptables-service-script: file.managed: - name: /sbin/iptables-service - source: salt://firewall/iptables-service.j2 - template: jinja - user: root - group: root - mode: 0755 - require: - pkg: iptables-pkg iptables-config-dir: file.directory: - name: /etc/iptables iptables-main-config: file.managed: - name: /etc/iptables/iptables.conf - source: salt://firewall/iptables.conf.j2 - template: jinja - watch_in: - service: iptables-service - require: - pkg: iptables-pkg - file: iptables-config-dir iptables-reset-config: file.managed: - name: /etc/iptables/iptables.reset.conf - source: salt://firewall/iptables.conf.reset.j2 - template: jinja - watch_in: - service: iptables-service - require: - pkg: iptables-pkg - file: iptables-config-dir ip6tables-main-config: file.managed: - name: /etc/iptables/ip6tables.conf - source: salt://firewall/ip6tables.conf.j2 - template: jinja - watch_in: - service: iptables-service - require: - pkg: iptables-pkg - file: iptables-config-dir ip6tables-reset-config: file.managed: - name: /etc/iptables/ip6tables.reset.conf - source: salt://firewall/ip6tables.conf.reset.j2 - template: jinja - watch_in: - service: iptables-service - require: - pkg: iptables-pkg - file: iptables-config-dir iptables-service: service.running: - name: iptables - enable: True - require: - pkg: iptables-pkg