From e30735e08e85c4d6ecd70ebd904792705ccb3b61 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <Joerg.Sachse@slub-dresden.de>
Date: Mon, 2 Aug 2021 12:08:41 +0200
Subject: [PATCH] fix: insert iptables rules at the top instead of appending
 them at the bottom, because otherwise all rules below the 'reject' rule will
 not work as expected

---
 tasks/configure_iptables_externalusers.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tasks/configure_iptables_externalusers.yml b/tasks/configure_iptables_externalusers.yml
index 825dbe1..bdb2ecc 100644
--- a/tasks/configure_iptables_externalusers.yml
+++ b/tasks/configure_iptables_externalusers.yml
@@ -2,7 +2,7 @@
 # Configure common rules
 - name: iptables-Regeln setzen (alle Beteiligten)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
@@ -23,7 +23,7 @@
 # Configure specific rules
 - name: iptables-Regeln setzen (producer agnostic test system)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
@@ -44,7 +44,7 @@
 
 - name: iptables-Regeln setzen (UB Leipzig)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
@@ -65,7 +65,7 @@
 
 - name: iptables-Regeln setzen (Mediathek)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
@@ -86,7 +86,7 @@
 
 - name: iptables-Regeln setzen (Fotothek & DevBoost)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
@@ -107,7 +107,7 @@
 
 - name: iptables-Regeln setzen (Sanitytest)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
@@ -127,7 +127,7 @@
 
 - name: iptables-Regeln setzen (SLUB Kitodo)
   iptables:
-    action: append
+    action: insert
     chain: INPUT
     comment: "{{ item.comment }}"
     destination: "{{ item.dest | default(omit) }}"
-- 
GitLab