---

- name: Handle Zimbra LDAP ports
  iptables_raw:
    name: zcs_ldap_ports
    state: "{{ (zcs_cluster_ip | length > 0 ) | ternary('present','absent') }}"
    rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports 389,636 -s {{ (zcs_cluster_ip + zcs_ldap_src_ip) | join(',') }} -j ACCEPT"
  when: iptables_manage | default(True)
  tags: zcs