{% macro render_ipset(ipset, name, type="hash:net", family="inet6", timeout=None) %} create {{ name }} {{ type | default('hash:net') }} family {{ family }} counters {% if timeout %}timeout {{ timeout }}{% endif %} -exist flush {{ name }} {% if ipset | length %} {% for ip_or_net in ipset | ansible.utils.ipv6 %} add {{ name }} {{ ip_or_net }} {% endfor %} {% endif %} {% endmacro %} {{ render_ipset(firewall_ipset_mgmt, 'mgmt6') }} {{ render_ipset([], 'blacklist6') }} {{ render_ipset([], 'graylist6', type="hash:ip", timeout=600) }} {{ render_ipset(firewall_ipset_bogons, 'bogons6') }} {{ render_ipset([], 'cooloff6', type="hash:ip", timeout=firewall_ipset_cooloff_timeout) }} {% if firewall_ipset_node_exporter is defined %} {{ render_ipset(firewall_ipset_node_exporter, 'node_exporter6') }} {% endif %} {% if firewall_ipset_blackbox_exporter is defined %} {{ render_ipset(firewall_ipset_blackbox_exporter, 'blackbox_exporter6') }} {% endif %} {% if firewall_ipset_mtail is defined %} {{ render_ipset(firewall_ipset_mtail, 'mtail6') }} {% endif %} {% if firewall_ipset_syslog is defined %} {{ render_ipset(firewall_ipset_syslog, 'syslog6') }} {% endif %} {% if firewall_ipset_influxdb is defined %} {{ render_ipset(firewall_ipset_influxdb, 'influxdb6') }} {% endif %} {% if firewall_ipset_dns is defined %} {{ render_ipset(firewall_ipset_dns, 'dns6') }} {% endif %}