---
- name: Setup iptables
  block:
    - name: Set custom iptables rules
      iptables_raw:
        name: "iptables_custom_rules_{{ item.name }}"
        rules: "{{ item.rules }}"
        state: "{{ item.state | default('present') }}"
        weight: "{{ item.weight | default(omit) }}"
        table: "{{ item.table | default(omit) }}"
      loop: "{{ iptables_custom_rules }}"
      loop_control:
        label: "{{ item.name }}"

    - name: Set applications iptables rules
      iptables_raw:
        name: "{{ item.name }}"
        rules: "{{ item.rules }}"
        state: "{{ item.state | default('present') }}"
        weight: "{{ item.weight | default(omit) }}"
        table: "{{ item.table | default(omit) }}"
      loop: "{{ iptables_app_rules + iptables_app_rules_extra }}"
      loop_control:
        label: "{{ item.name }}"

    - name: Set default iptables head rules
      iptables_raw:
        name: iptables_default_head
        weight: 10
        keep_unmanaged: "{{ iptables_keep_unmanaged }}"
        state: present
        rules: "{{ iptables_default_head }}"

    - name: Set default iptables tail rules
      iptables_raw:
        name: iptables_default_tail
        weight: 99
        keep_unmanaged: "{{ iptables_keep_unmanaged }}"
        state: "{{ (not iptables_default_tail) | ternary('absent', 'present') }}"
        rules: "{{ iptables_default_tail }}"
  become: True
  become_user: root