{% from "firewall/map.jinja" import firewall %}

iptables:
  pkg.installed:
    - pkgs:
      - {{ firewall['pkg'] }}
  file.managed:
    - name: {{ firewall['cfg'] }}
    - source: 'salt://firewall/files/iptables.jinja'
    - template: jinja
  service.running:
    - name: {{ firewall['svc'] }}
    - enable: True
    - watch:
      - file: iptables

{% if firewall['remove'] is not none %}
{{ firewall['remove'] }}:
  pkg.removed: []
{% endif %}