From b5b081a460aaadc499695f72655e33ebde4a7c3b Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Mon, 28 Oct 2019 20:30:54 +0100
Subject: [PATCH] add iptables_custom_rules_extra var

---
 defaults/main.yml | 1 +
 tasks/config.yml  | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 0f53a97..bf293ec 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -15,6 +15,7 @@ iptables_default_tail: |
   -A FORWARD -j REJECT
 
 iptables_custom_rules: []
+iptables_custom_rules_extra: []
 
 # @var iptables_keep_unmanaged:description: >
 # By default this role deletes all iptables rules which are not managed by Ansible.
diff --git a/tasks/config.yml b/tasks/config.yml
index fdb5705..d950147 100644
--- a/tasks/config.yml
+++ b/tasks/config.yml
@@ -8,7 +8,7 @@
         state: '{{ item.state }}'
         weight: '{{ item.weight | default(omit) }}'
         table: '{{ item.table | default(omit) }}'
-      loop: '{{ iptables_custom_rules }}'
+      loop: '{{ iptables_custom_rules + iptables_custom_rules_extra }}'
       loop_control:
         label: "{{ item.name }}"