---
# tasks file for iptables-samba
- name: Setup iptables for Samba
  when: 'samba_enabled is true'
  block:
    - name: Allow new, established packets on TCP Samba ports
      ansible.builtin.iptables:
        chain: INPUT
        protocol: tcp
        destination_port: "{{ item }}"
        ctstate: NEW,ESTABLISHED
        jump: ACCEPT
      with_items: '{{ samba_ports }}'

    - name: Allow new, established packets on UDP Samba ports
      ansible.builtin.iptables:
        chain: INPUT
        protocol: udp
        destination_port: "{{ item }}"
        ctstate: NEW,ESTABLISHED
        jump: ACCEPT
      with_items: '{{ samba_ports }}'

    - name: iptables-persistent
      ansible.builtin.include_role:
        name: iptables-persistent