########################################################################
# Access list, see cidr_table(5)
#
# {{ ansible_managed }}
# Do NOT edit this file directly!

{% if ipsec_subnet is defined %}
{{ ipsec_subnet }} permit
{% endif %}

{% for ip in lookup('pipe', 'dig +short outgoing.fripost.org A').splitlines() | sort -%}
{{ ip }}/32 permit
{% endfor %}
{% for ip in lookup('pipe', 'dig +short outgoing.fripost.org AAAA').splitlines() | sort -%}
{{ ip }}/128 permit
{% endfor %}