role firewall: add support for installation of gateway firewall - maybe not realy usable..

roles/firewall/templates/etc/systemd/system/ip6t-firewall.service.j2

@@ -1,5 +1,21 @@
 # {{ ansible_managed }}
 
+{%- if groups['gateway_server']|string is search(inventory_hostname) %}
+[Unit]
+Description=IPv6 Firewall with ip6tables
+After=network.target
+
+[Service]
+SyslogIdentifier="ip6t-gateway"
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/local/sbin/ip6t-firewall-gateway start
+ExecStop=/usr/local/sbin/ip6t-firewall-gateway stop
+User=root
+
+[Install]
+WantedBy=multi-user.target
+{% else %}
 [Unit]
 Description=IPv6 Firewall with ip6tables
 After=network.target
@@ -13,4 +29,5 @@ User=root
 
 [Install]
 WantedBy=multi-user.target
+{% endif %}
 

roles/firewall/templates/etc/systemd/system/ipt-firewall.service.j2

@@ -1,5 +1,23 @@
 # {{ ansible_managed }}
 
+{%- if groups['gateway_server']|string is search(inventory_hostname) %}
+
+[Unit]
+Description=IPv4 Firewall with iptables
+After=network.target
+
+[Service]
+SyslogIdentifier="ipt-gateway"
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/local/sbin/ipt-firewall-gateway start
+ExecStop=/usr/local/sbin/ipt-firewall-gateway stop
+User=root
+
+[Install]
+WantedBy=multi-user.target
+{% else %}
+
 [Unit]
 Description=IPv4 Firewall with iptables
 After=network.target
@@ -13,4 +31,5 @@ User=root
 
 [Install]
 WantedBy=multi-user.target
+{% endif %}