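---
# Rewrites the address field of the TCP entries in the router's
# `vts_rulelist` NVRAM variable to DESTINATION, then commits NVRAM and
# restarts the firewall so the new list takes effect.
# (`vts_rulelist` is presumably the port-forwarding list - confirm against
# the firmware in use.)
#
# Required variable:
#   DESTINATION - the new target address, digits and dots only
#                 (for example: -e DESTINATION=<new-address>).
#
# The change is persisted by `nvram commit`, so review the "rewritten
# ruleset" debug output of a run before relying on the result.
- name: Switch destination
  hosts: router
  ignore_unreachable: false
  tasks:
    # DESTINATION is spliced into a regex replacement template and then into
    # an NVRAM value. Restricting it to the same character class the pattern
    # below uses for the address field keeps backslashes, `<`, `>` and
    # whitespace out of the stored rule list.
    - name: Validate DESTINATION
      ansible.builtin.assert:
        that:
          - DESTINATION is defined
          - "(DESTINATION | string) is match('^[0-9.]+$')"
        fail_msg: "DESTINATION must be set and contain only digits and dots"

    - name: Get ruleset
      ansible.builtin.command: nvram get vts_rulelist
      when: inventory_hostname in groups['router']
      register: ruleset
      # Reading the variable does not modify the device.
      changed_when: false

    - name: Show current ruleset
      ansible.builtin.debug:
        msg: "var is {{ ruleset.stdout }}"

    # Replacement template: keep group 1, substitute DESTINATION for group 2,
    # keep group 3. `\g<1>` is used instead of `\1` so that a DESTINATION
    # starting with a digit is not read as part of the group number.
    - name: initialize variables
      ansible.builtin.set_fact:
        regexp: "\\g<1>{{ DESTINATION }}\\3"

    # NOTE(review): after YAML unescaping, group 1 reads `(\[0-9,]{1,}\>)`;
    # `\[` is a literal bracket there, not the start of a character class.
    # Confirm the pattern against a real vts_rulelist value before trusting
    # that any entry is matched.
    # NOTE(review): the same substitution is applied twice with identical
    # arguments; kept as in the original - presumably to catch matches that
    # overlap a previous one. Confirm whether the second pass is needed.
    - name: Build rewritten ruleset
      ansible.builtin.set_fact:
        app_path: "{{ ruleset.stdout
          | regex_replace('(\\[0-9,]{1,}\\>)([0-9.]{1,})(\\>[0-9a-zA-Z\\s-]{0,}\\>TCP\\>)', regexp)
          | regex_replace('(\\[0-9,]{1,}\\>)([0-9.]{1,})(\\>[0-9a-zA-Z\\s-]{0,}\\>TCP\\>)', regexp) }}"

    - name: Show rewritten ruleset
      ansible.builtin.debug:
        msg: "var is {{ app_path }}"

    # argv form: the whole `vts_rulelist=...` assignment is passed as a single
    # argument. The free-form `command:` string would be re-split on
    # whitespace and quotes, and the pattern above allows whitespace in a
    # rule entry, so part of the list could be dropped or passed to `nvram`
    # as extra arguments.
    - name: Set ruleset
      ansible.builtin.command:
        argv:
          - nvram
          - set
          - "vts_rulelist={{ app_path }}"
      when: inventory_hostname in groups['router']

    - name: Commit ruleset
      ansible.builtin.command: nvram commit
      when: inventory_hostname in groups['router']

    # Previously this task was also named "Commit ruleset", which made the
    # run output ambiguous.
    - name: Restart firewall
      ansible.builtin.command: service restart_firewall
      when: inventory_hostname in groups['router']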