- name: ipset restore v4
  command: ipset restore -file {{ firewall_ipset_v4 }}

- name: ipset restore v6
  command: ipset restore -file {{ firewall_ipset_v6 }}

- name: iptables-restore
  command: "{{ item }}"
  loop:
    - iptables-restore --test {{ firewall_iptables_rules_v4 }}
    - iptables-restore {{ firewall_iptables_rules_v4 }}

- name: ip6tables-restore
  command: ip6tables-restore {{ firewall_iptables_rules_v6 }}

- name: reload ipset
  shell: ipset restore -exist -file {{ firewall_ipset }}

- name: restart firewall v4
  shell: "{{ item }}"
  loop:
    - iptables-restore --test {{ firewall_iptables_rules_v4 }} && iptables-restore {{ firewall_iptables_rules_v4 }}

- name: restart firewall v6
  shell: "{{ item }}"
  loop:
    - ip6tables-restore --test {{ firewall_iptables_rules_v6 }} && ip6tables-restore {{ firewall_iptables_rules_v6 }}

- name: iptables-persistent
  command: /usr/sbin/netfilter-persistent save

- name: restart ulogd
  service:
    name: "{{ firewall_ulogd_service_name }}"
    state: restarted