From 69a58a8cd7d58b7465849abed63063ebb38cb63c Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Wed, 18 Sep 2019 15:19:46 +0200
Subject: [PATCH] fix default rules list

---
 molecule/ec2-centos-7/tests/test_default.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/molecule/ec2-centos-7/tests/test_default.py b/molecule/ec2-centos-7/tests/test_default.py
index 86313ed..21fe192 100644
--- a/molecule/ec2-centos-7/tests/test_default.py
+++ b/molecule/ec2-centos-7/tests/test_default.py
@@ -22,12 +22,12 @@ def test_iptables_running_and_enabled(host):
 
 def test_iptables_default_rules(host):
     defaults = [
-        "-P INPUT ACCEPT",
-        "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT",
-        "-A INPUT -i lo -j ACCEPT",
-        "-A INPUT -p icmp --icmp-type echo-request -j ACCEPT",
-        "-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT",
-        "-A INPUT -j REJECT"
+        '-P INPUT ACCEPT',
+        '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -m comment --comment "ansible[iptables_default_head]"',
+        '-A INPUT -i lo -j ACCEPT -m comment --comment "ansible[iptables_default_head]"',
+        '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT -m comment --comment "ansible[iptables_default_head]"',
+        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -m comment --comment "ansible[iptables_default_head]"',
+        '-A INPUT -j REJECT -m comment --comment "ansible[iptables_default_head]"'
     ]
 
     rules = host.iptables.rules("filter", "INPUT")