---
# tasks file for iptables-kdeconnect
- name: Setup iptables for kdeconnect
  when: 'kdeconnect_enabled is true'
  block:
    - name: Allow new, established packets on TCP Kdeconnect ports
      ansible.builtin.iptables:
        chain: INPUT
        protocol: tcp
        destination_port: "{{ kdeconnect_ports }}"
        ctstate: NEW,ESTABLISHED
        jump: ACCEPT

    - name: Allow new, established packets on UDP Kdeconnect ports
      ansible.builtin.iptables:
        chain: INPUT
        protocol: udp
        destination_port: "{{ kdeconnect_ports }}"
        ctstate: NEW,ESTABLISHED
        jump: ACCEPT

    - name: iptables-persistent
      ansible.builtin.include_role:
        name: iptables-persistent