Make ipv6 optional; remove spurious tabs from the readme.

README.rst

@@ -22,6 +22,7 @@ ping
     parametetrs:
       iptables:
         service:
+          enabled: True
           chain:
             INPUT:
               rules:
@@ -89,21 +90,23 @@ Allow access from local network
                   jump: ACCEPT
 
 IPv6 is supported as well
-		
+
 .. code-block:: yaml
 
     parameters:
       iptables:
         service:
+          enabled: True
+          ipv6: True
           chain:
             INPUT:
               rules:
                 - protocol: tcp
-		  family: ipv6
+                  family: ipv6
                   destination_port: 22
                   source_network: 2001:DB8::/32
                   jump: ACCEPT
-		  
+
 Read more
 =========
 

iptables/rules.sls

@@ -10,12 +10,14 @@ iptables_{{ chain_name }}_policy:
     - policy: {{ chain.policy }}
     - table: filter
 
+{%-   if service.ipv6 %}
 iptables_{{ chain_name }}_ipv6_policy:
   iptables.set_policy:
     - family: ipv6
     - chain: {{ chain_name }}
     - policy: {{ chain.policy }}
     - table: filter
+{%-   endif %}
 {%- endif %}
 
 {%- for service_name, service in pillar.items() %}

iptables/service.sls

@@ -37,6 +37,7 @@ iptables_{{ chain_name }}_policy:
     - require_in:
       - iptables: iptables_flush
 
+{%-   if service.ipv6 %}
 iptables_{{ chain_name }}_ipv6_policy:
   iptables.set_policy:
     - chain: {{ chain_name }}
@@ -45,13 +46,18 @@ iptables_{{ chain_name }}_ipv6_policy:
     - table: filter
     - require_in:
       - iptables: ip6tables_flush
+{%-   endif %}
+
 {%- endfor %}
 
 iptables_flush:
   iptables.flush
 
+{%- if service.ipv6 %}
 ip6tables_flush:
   iptables.flush:
     - family: ipv6
+{%- endif %}
+
 
 {%- endif %}