- name: 
  tags:
    - lxc-host
    - lxc-host-network
  block:
    - name: Enable UFW
      become: yes
      ufw:
        state: enabled

    - become: yes
      ufw:
        policy: allow
        direction: outgoing

    - become: yes
      ufw:
        policy: allow
        direction: routed

    - become: yes
      ufw:
        policy: deny
        direction: incoming