iptables_dir: /etc/iptables
iptables_file: "{{ iptables_dir }}/rules-save"

iptables_mappings:
  state: { module: 'state', param: 'state', upper: yes, join: ',' }
  action: { param: 'j', upper: yes }
  protocol: { param: 'p', lower: yes }
  icmp_type: { module: 'icmp', param: 'icmp-type' }
  in_intf: { param: 'i' }
  out_intf: { param: 'o' }
  src_addr: { param: 's', join: ',' }
  dst_addr: { param: 'd', join: ',' }
  src_port: { module: 'multiport', param: 'source-ports' }
  dst_port: { module: 'multiport', param: 'destination-ports' }
  any_port: { module: 'multiport', param: 'ports' }
  ipsec: { module: 'policy', param: 'pol', if_false: 'none', if_true: 'ipsec' }
  ipsec_direction: { module: 'policy', param: 'dir', lower: yes }
  tcp_flags: { param: 'tcp-flags', upper: yes }
  mss: { module: 'tcpmss', param: 'mss' }

  set_mss: { param: 'set-mss' }
  to_source: { param: 'to-source' }