#!/bin/sh
# {{ ansible_managed }}
{% set merged = firewall_v4_default_rules.copy() %}
{% set _ = merged.update(firewall_v4_group_rules) %}
{% set _ = merged.update(firewall_v4_host_rules) %}

# flush rules & delete user-defined chains
iptables -F
iptables -X
iptables -t raw -F
iptables -t raw -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

{% for group, rules in merged|dictsort  %}
# {{ group }}
{% if not rules %}
# (none)
{% endif %}
{% for rule in rules %}
iptables {{ rule }}
{% endfor %}

{% endfor %}