From a4acc85704847521d76d7899395505596107f0c1 Mon Sep 17 00:00:00 2001
From: Alan Orth <alan.orth@gmail.com>
Date: Mon, 27 Sep 2021 10:35:38 +0300
Subject: [PATCH] roles/common: Remove iptables on newer Debian

---
 roles/common/tasks/firewall_Debian.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/common/tasks/firewall_Debian.yml b/roles/common/tasks/firewall_Debian.yml
index f03ec59..dc5c4cf 100644
--- a/roles/common/tasks/firewall_Debian.yml
+++ b/roles/common/tasks/firewall_Debian.yml
@@ -25,6 +25,10 @@
   - name: Install firewall packages
     apt: pkg={{ debian_firewall_packages }} state=present cache_valid_time=3600
 
+  - name: Remove iptables on newer Debian
+    when: ansible_distribution_major_version is version('11', '>=')
+    apt: pkg=iptables state=absent
+
   - name: Copy nftables.conf
     when: ansible_distribution_major_version is version('11', '>=')
     template: src=nftables.conf.j2 dest=/etc/nftables.conf owner=root mode=0644