---

- name: remove firewalld
  package:
    name: firewalld
    state: removed

- name: install iptables packages
  package:
    name: "{{ item }}"
    state: installed
  with_items:
    - iptables
    - iptables-services

- name: create iptables config from template
  template:
    src: "{{ item }}.j2"
    dest: "/etc/sysconfig/{{ item }}"
    mode: 0600
    owner: root
    group: root
  notify: "reload {{ item }}"
  with_items:
    - iptables
    - ip6tables

- name: enable iptables service
  service:
    name: "{{ item }}"
    state: started
    enabled: true
  with_items:
    - iptables
    - ip6tables