Install and configure iptables

**Role Variables**

.. zuul:rolevar:: iptables_allowed_hosts
   :default: []

   A list of dictionaries, each item in the list is a rule to add for
   a host/port combination.  The format of the dictionary is:

   .. zuul:rolevar:: hostname

      The hostname to allow.  It will automatically be resolved, and
      the inventory IP address will be added to the firewall.

   .. zuul:rolevar:: protocol

      One of "tcp" or "udp".

   .. zuul:rolevar:: port

      The port number.

.. zuul:rolevar:: iptables_allowed_groups
   :default: []

   A list of dictionaries, each item in the list is a rule to add for
   a host/port combination.  The format of the dictionary is:

   .. zuul:rolevar:: group

      The ansible inventory group to add.  Every host in the group will
      be added to the firewall.

   .. zuul:rolevar:: protocol

      One of "tcp" or "udp".

   .. zuul:rolevar:: port

      The port number.

.. zuul:rolevar:: iptables_public_tcp_ports
   :default: []

   A list of public TCP ports to open.

.. zuul:rolevar:: iptables_public_udp_ports
   :default: []

   A list of public UDP ports to open.

.. zuul:rolevar:: iptables_rules
   :default: []

   A list of iptables ingress rules.  Each item is a string
   containing the iptables command line options for the rule. These
   will be expanded to cover IPv4 and IPv6.

.. zuul:rolevar:: iptables_rules_v4
   :default: []

   A list of iptables v4 ingress rules.  Each item is a string
   containing the iptables command line options for the rule.

.. zuul:rolevar:: iptables_rules_v6
   :default: []

   A list of iptables v6 ingress rules.  Each item is a string
   containing the iptables command line options for the rule.

.. zuul:rolevar:: iptables_egress_rules
   :default: []

   A list of iptables egress rules.  Each item is a string
   containing the iptables command line options for the rule. These
   will be expanded to cover IPv4 and IPv6.

.. zuul:rolevar:: iptables_egress_rules_v4
   :default: []

   A list of iptables v4 egress rules.  Each item is a string
   containing the iptables command line options for the rule.

.. zuul:rolevar:: iptables_egress_rules_v6
   :default: []

   A list of iptables v6 egress rules.  Each item is a string
   containing the iptables command line options for the rule.