---

- name: Deny Custom Out
  ansible.builtin.iptables:
    chain: OUTPUT
    protocol: 'tcp'
    destination_port: "{{ item }}"
    jump: DROP
    ip_version: "{{ ip_version }}"
  loop: "{{ iptables_close_port_out }}"

- name: Deny Custom In
  ansible.builtin.iptables:
    chain: INPUT
    protocol: 'tcp'
    destination_port: "{{ item }}"
    jump: DROP
    ip_version: "{{ ip_version }}"
  loop: "{{ iptables_close_port_in }}"

- name: Allow Custom Out
  ansible.builtin.iptables:
    chain: OUTPUT
    protocol: 'tcp'
    destination_port: "{{ item }}"
    jump: ACCEPT
    ip_version: "{{ ip_version }}"
  loop: "{{ iptables_open_port_out }}"

- name: Allow Custom In
  ansible.builtin.iptables:
    chain: INPUT
    protocol: 'tcp'
    destination_port: "{{ item }}"
    jump: ACCEPT
    ip_version: "{{ ip_version }}"
  loop: "{{ iptables_open_port_in }}"