playbooks/roles/debian/firewall/tasks/main.yml

   1 - name: Install iptables and fail2ban
   2   become: true
   3   apt:
   4     cache_valid_time: 3600
   5     install_recommends: no
   6     name: ['iptables', 'fail2ban']
   7     state: latest
   8     update_cache: yes
   9   notify: Restart firewall
  10
  11 - name: Configure Debian firewall
  12   become: true
  13   copy:
  14     src: etc
  15     dest: /
  16     owner: root
  17     group: root
  18     directory_mode: '0750'
  19     mode: '0750'
  20     force: no
  21   notify: Restart firewall
  22
  23 - name: Fix permissions for /etc/network/functions
  24   become: true
  25   file:
  26     path: /etc/network/functions.phd
  27     mode: '0640'
  28   notify: Restart firewall