Initial commit

tasks/main.yml

@@ -0,0 +1,23 @@
+- name: Add firewall rules
+  loop: "{{ firewall }}"
+  iptables:
+        chain: INPUT
+        ctstate:
+                - NEW
+                - ESTABLISHED
+                - RELATED
+        destination_port: "{{ item.port }}"
+        jump: ACCEPT
+        ip_version: 'ip{{ item.ipv }}'
+        protocol: '{{ item.proto }}'
+  tags:
+        - update
+        - firewall
+- name: Save netfilter rules
+  command:
+        argv:
+                - '/usr/sbin/netfilter-persistent'
+                - 'save'
+  tags:
+        - update
+        - firewall