myserver-configuration/roles/iptables/tasks/drop_all_by_default.yml

---

- name: Block all INPUT by default
  ansible.builtin.iptables:
    chain: INPUT
    policy: DROP
    comment: Block all INPUT by default
    state: present
  become: yes

- name: Block all OUTPUT by default
  ansible.builtin.iptables:
    chain: OUTPUT
    policy: DROP
    comment: Block all OUTPUT by default
    state: present
  become: yes

- name: Block all FORWARD by default
  ansible.builtin.iptables:
    chain: FORWARD
    policy: DROP
    comment: Block all FORWARD by default
    state: present
  become: yes
[IPTABLES] Add rules (Not tested) 2023-05-20 23:54:16 +02:00			`---`

			`- name: Block all INPUT by default`
			`ansible.builtin.iptables:`
			`chain: INPUT`
			`policy: DROP`
			`comment: Block all INPUT by default`
			`state: present`
			`become: yes`

			`- name: Block all OUTPUT by default`
			`ansible.builtin.iptables:`
			`chain: OUTPUT`
			`policy: DROP`
			`comment: Block all OUTPUT by default`
			`state: present`
			`become: yes`

			`- name: Block all FORWARD by default`
			`ansible.builtin.iptables:`
			`chain: FORWARD`
			`policy: DROP`
			`comment: Block all FORWARD by default`
			`state: present`
			`become: yes`