# {{ ansible_managed }}

{%- if groups['gateway_server']|string is search(inventory_hostname) %}

[Unit]
Description=IPv4 Firewall with iptables
After=network.target

[Service]
SyslogIdentifier="ipt-gateway"
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/local/sbin/ipt-firewall-gateway start
ExecStop=/usr/local/sbin/ipt-firewall-gateway stop
User=root

[Install]
WantedBy=multi-user.target
{% else %}

[Unit]
Description=IPv4 Firewall with iptables
After=network.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/local/sbin/ipt-firewall-server start
ExecStop=/usr/local/sbin/ipt-firewall-server stop
User=root

[Install]
WantedBy=multi-user.target
{% endif %}