# {{ ansible_managed }}

{% if 
    item.ipv4_rules.prerouting | length > 0
    or
    item.ipv4_rules.postrouting | length > 0
%}
table ip {{ item.filename }} {
{% if item.ipv4_rules.prerouting | length > 0 %}
  chain prerouting {
    type nat hook prerouting priority 0;

{% for rule in item.ipv4_rules.prerouting %}
    {{ rule }}
{% endfor %}
  }
{% endif %}

{% if item.ipv4_rules.postrouting | length > 0 %}
  chain postrouting {
    type nat hook postrouting priority 100; policy accept;

{% for rule in item.ipv4_rules.postrouting %}
    {{ rule }}
{% endfor %}
  }
{% endif %}
}
{% endif %}

{% if 
    item.ipv6_rules.prerouting | length > 0
    or
    item.ipv6_rules.postrouting | length > 0
%}
table ip6 {{ item.filename }} {
{% if item.ipv6_rules.prerouting | length > 0 %}
  chain prerouting {
    type nat hook prerouting priority 0;

{% for rule in item.ipv6_rules.prerouting %}
    {{ rule }}
{% endfor %}
  }
{% endif %}

{% if item.ipv6_rules.postrouting | length > 0 %}
  chain postrouting {
    type nat hook postrouting priority 100; policy accept;

{% for rule in item.ipv6_rules.postrouting %}
    {{ rule }}
{% endfor %}
  }
{% endif %}
}
{% endif %}