使用Ansible iptables模块更新iptables

Question

我想在我的linux框中更新iptables，我正在尝试使用iptables模块执行以下命令。你能帮我吗？

"- iptables -I INPUT -p tcp -m multiport --dports 80,443,830 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"

我正在尝试更新，但出现错误，请您帮我。

ERROR:
{
"_ansible_parsed": true,
"invocation": {
"module_args": {
"protocol": "tcp",
"chain": "INPUT",
"cstate": "NEW",
"jump": "ACCEPT",
"destination_port": 80,
"match": "multiport"
}
},
"changed": false,
"_ansible_no_log": false,
"msg": "Unsupported parameters for (iptables) module: cstate Supported parameters include: action, chain, comment, ctstate, destination, destination_port, flush, fragment, goto, icmp_type, in_interface, ip_version, jump, limit, limit_burst, log_prefix, match, out_interface, policy, protocol, reject_with, rule_num, set_counters, set_dscp_mark, set_dscp_mark_class, source, source_port, state, syn, table, tcp_flags, to_destination, to_ports, to_source, uid_owner"
}

Answer 1

Ansible给您一个错误，因为您指定了一个名为cstate的参数。 iptables模块没有该参数。实际上，您可能拼错了ctstate，这是iptables模块中的现有参数。更正此错误，该错误将消失。