ansible-playbooks/ubuntu/roles/firewall-ruleset-deploy/tasks/main.yml

---
# This role deploys firewall rulesets to Ubuntu hosts

- name: Make sure iptables and netfilter-persistent are installed
  apt:
    name: "{{ packages }}"
    state: latest
  vars:
    packages:
    - iptables-persistent
    - netfilter-persistent

- name: Copy IPv4 ruleset
  copy:
    src: {{ ansible_fqdn }}.rules.v4
    dest: /etc/iptables/rules.v4
    backup: yes

- name: Copy IPv6 ruleset
  copy:
    src: {{ ansible_fqdn }}.rules.v6
    dest: /etc/iptables/rules.v6
    backup: yes

- name: Restart netfilter-persistent service to load rulesets
  service:
    name: netfilter-persistent
    state: restarted
    enabled: yes
add firewall-ruleset-deploy playbook and gard's ruleset 2019-08-22 01:52:12 +00:00			`---`
			`# This role deploys firewall rulesets to Ubuntu hosts`

			`- name: Make sure iptables and netfilter-persistent are installed`
			`apt:`
			`name: "{{ packages }}"`
			`state: latest`
			`vars:`
			`packages:`
			`- iptables-persistent`
			`- netfilter-persistent`

			`- name: Copy IPv4 ruleset`
			`copy:`
			`src: {{ ansible_fqdn }}.rules.v4`
			`dest: /etc/iptables/rules.v4`
			`backup: yes`

			`- name: Copy IPv6 ruleset`
			`copy:`
			`src: {{ ansible_fqdn }}.rules.v6`
			`dest: /etc/iptables/rules.v6`
			`backup: yes`

			`- name: Restart netfilter-persistent service to load rulesets`
			`service:`
			`name: netfilter-persistent`
			`state: restarted`
			`enabled: yes`