---
- name: Start the iptables service
  service: name=iptables-persistent state=restarted enabled=yes
  notify: Restart fail2ban

- name: Start the netfilter service
  service: name=netfilter-persistent state=restarted enabled=yes
  when: is_debian8
  notify: Restart fail2ban

- name: Flush the iptables rules
  command: /etc/init.d/iptables-persistent flush
  ignore_errors: true

- name: Restart fail2ban after an iptables restart
  service: name=fail2ban state=restarted enabled=yes
  when: has_fail2ban

- name: Enable and start firewalld
  service: name=firewalld state=started enabled=yes
  when: firewalld_enabled

- name: Reload firewall config
  command: firewall-cmd --reload
  notify: Restart fail2ban
  when: firewalld_enabled

- name: Restart fail2ban
  service: name=fail2ban state=restarted
  when:
    - fail2ban_enabled is defined and fail2ban_enabled
    - centos_install_epel