From a39aa6dfd5420b1b18ae2ce19733ac329de8a593 Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Sun, 17 Dec 2017 14:34:47 +0100
Subject: [PATCH] add input and output iptables rules

---
 defaults/main.yml | 2 +-
 tasks/install.yml | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 1ed4b21..4992e69 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,6 +1,6 @@
 mosquitto_user: mosquitto
 mosquitto_group: mosquitto
-mosquitto_port: 8883
+mosquitto_port: 61000
 mosquitto_bind_address: "{{ ansible_default_ipv4.address }}"
 mosquitto_pid_dir: /var/run
 mosquitto_base_dir: /etc/mosquitto
diff --git a/tasks/install.yml b/tasks/install.yml
index b75575d..d9c8908 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -55,7 +55,9 @@
   iptables_raw:
     name: allow_mttq_port
     state: present
-    rules: '-A OUTPUT -m state --state NEW -p tcp --dport {{ mosquitto_port }} -j ACCEPT'
+    rules:
+      - '-A INPUT -m state --state NEW -p tcp --dport {{ mosquitto_port }} -j ACCEPT'
+      - '-A OUTPUT -m state --state NEW -p tcp --dport {{ mosquitto_port }} -j ACCEPT'
 
 - name: Copy systemd unit files
   template: