From 6f15e981589175f70dcc5223cb4de12f012f1775 Mon Sep 17 00:00:00 2001
From: Robert Kaussow
Date: Mon, 28 Oct 2019 20:05:15 +0100
Subject: [PATCH] remove iptables integration
---
 defaults/main.yml | 11 -----------
 tasks/setup.yml | 12 ------------
 2 files changed, 23 deletions(-)
diff --git a/defaults/main.yml b/defaults/main.yml
index b4b0a86..8ba4e6f 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -4,17 +4,6 @@ ldap_proxy_urls:
 - "ldapi:/// ldap:///"
 ldap_proxy_options: []
-ldap_proxy_iptables_enabled: False
-ldap_proxy_open_ports:
- - name: allow_ldap_out
- rules: |
- -A OUTPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT
- state: present
- - name: allow_ldap_in
- rules: |
- -A INPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT
- state: present
-
 ldap_proxy_tls_enabled: False
 ldap_proxy_tls_cert_source: mycert.pem
 ldap_proxy_tls_key_source: mykey.pem
diff --git a/tasks/setup.yml b/tasks/setup.yml
index f6a87f8..9a30a2c 100644
--- a/tasks/setup.yml
+++ b/tasks/setup.yml
@@ -54,17 +54,5 @@
 mode: 0644
 loop: "{{ ldap_proxy_custom_schemas }}"
 notify: __slapd_restart
-
- - name: Open ports in iptables
- iptables_raw:
- name: "{{ item.name }}"
- rules: "{{ item.rules }}"
- state: "{{ item.state }}"
- weight: "{{ item.weight | default(omit) }}"
- table: "{{ item.table | default(omit) }}"
- loop: "{{ ldap_proxy_open_ports }}"
- loop_control:
- label: "{{ item.name }}"
- when: ldap_proxy_iptables_enabled
 become: True
 become_user: root