From e4275b21316c82e3e00f57641056ad6bdb65d931 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 6 Apr 2022 16:32:25 +0100
Subject: [PATCH] updated conditional

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_3/cis_3.4.1.x.yml | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/tasks/section_3/cis_3.4.1.x.yml b/tasks/section_3/cis_3.4.1.x.yml
index b7b5033..7c25ff2 100644
--- a/tasks/section_3/cis_3.4.1.x.yml
+++ b/tasks/section_3/cis_3.4.1.x.yml
@@ -23,18 +23,15 @@
             name: "{{ item }}"
             state: stopped
             enabled: false
-        with_items:
-            - iptables
-            - ip6tables
-        when: item in ansible_facts.packages
 
       - name: "3.4.1.2 | PATCH | Ensure iptables-services not installed with firewalld | remove iptables-services pkg "
         package:
             name: iptables-services
             state: absent
-        when: "'iptables-services' in ansible_facts.packages"
+        when: 
   when:
       - rhel9cis_rule_3_4_1_2
+      - "'iptables-services' in ansible_facts.packages"
   tags:
       - level1-server
       - level1-workstation