From a426b0e24030b4c4190862ca03217bb716a707f5 Mon Sep 17 00:00:00 2001
From: Mark O'Brien <markobri@redhat.com>
Date: Nov 24 2020 17:26:29 +0000
Subject: no iptables on Centos 8


---

diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index f78beec..f009c63 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -237,7 +237,7 @@
    - iptables/iptables.{{ host_group }}
    - iptables/iptables.{{ env }}
    - iptables/iptables
-  when: baseiptables|bool
+  when: ((baseiptables|bool) or (ansible_distribution_major_version|int > 7 and ansible_distribution == 'CentOS'))
   notify:
   - restart iptables
   - reload libvirtd
@@ -253,7 +253,7 @@
   - iptables
   - service
   - base
-  when: baseiptables|bool
+  when: ((baseiptables|bool) or (ansible_distribution_major_version|int > 7 and ansible_distribution == 'CentOS'))
 
 - name: ip6tables
   template: src={{ item }} dest=/etc/sysconfig/ip6tables mode=0600 backup=yes
@@ -263,7 +263,7 @@
    - iptables/ip6tables.{{ host_group }}
    - iptables/ip6tables.{{ env }}
    - iptables/ip6tables
-  when: baseiptables|bool
+  when: ((baseiptables|bool) or (ansible_distribution_major_version|int > 7 and ansible_distribution == 'CentOS'))
   notify:
   - restart ip6tables
   - reload libvirtd
@@ -278,7 +278,7 @@
   - ip6tables
   - service
   - base
-  when: baseiptables|bool
+  when: ((baseiptables|bool) or (ansible_distribution_major_version|int > 7 and ansible_distribution == 'CentOS'))
 
 - name: enable journald persistence
   file: path=/var/log/journal state=directory