---
# defaults file for iptables

iptables_packages: ['iptables']

iptables_ip_versions: [ 'ipv4', 'ipv6' ]

iptables_services: ['iptables', 'ip6tables']

iptables_do_save: true

iptables_do_clean: true
iptables_tables_to_clean: [ 'raw', 'filter', 'nat', 'mangle', 'security' ]

iptables_host_ssh_port: 22

iptables_open_port_out: [ 22, 80, 443 ]
iptables_open_port_in: []

iptables_close_port_out: []
iptables_close_port_in: []

iptables_forward_policy: DROP
iptables_output_policy: ACCEPT
iptables_input_policy: DROP