Set default INPUT and FORWARD Chain in iptables to DROP #37
NanoCode012 started this conversation in Ideas
Hello, one thing I noticed while I ssh-ed into a built OCI VM using cloudblock is that the INPUT chain in iptables is set to ACCEPT. May I ask if we could add the below to the cloudblock_oci.yml ansible playbook? Although OCI has their own firewall in front, the benefit is that if the VM is ever used for other purposes, the firewall gives the least amount of permissions, and the user does not need to think about this. I could open a PR for this if you would like. I am not sure if other providers have this issue as well because I do not have an account with them, but it would be great to add just as a precaution.
Source: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/iptables_module.html#examples
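Added example, not part of the original post or of the cloudblock playbook: one way the default-DROP policy described above can be expressed with the `ansible.builtin.iptables` module. It assumes the tasks run with privilege escalation on the VM and that SSH on TCP 22 is the only inbound service listed; both are assumptions, not details from the post.

```yaml
# Added example: tasks for a play that runs with "become: true" on the VM.
# Assumption (not from the post): SSH listens on TCP 22 and is the only
# inbound service allowed here.
# The ACCEPT rules are applied before the policy changes to DROP so the
# SSH session Ansible is using is not cut off halfway through the play.

- name: Allow loopback traffic
  ansible.builtin.iptables:
    chain: INPUT
    in_interface: lo
    jump: ACCEPT

- name: Allow replies to established and related connections
  ansible.builtin.iptables:
    chain: INPUT
    ctstate: [ESTABLISHED, RELATED]
    jump: ACCEPT

- name: Allow new inbound SSH connections (assumed port 22)
  ansible.builtin.iptables:
    chain: INPUT
    protocol: tcp
    destination_port: "22"
    ctstate: NEW
    jump: ACCEPT

# Last step: anything not matched by a rule above is now dropped.
- name: Set the default policy of INPUT and FORWARD to DROP
  ansible.builtin.iptables:
    chain: "{{ item }}"
    policy: DROP
  loop:
    - INPUT
    - FORWARD
```

The module only changes the rules currently in memory, so they need to be saved separately to survive a reboot. Any other port the VM serves, and any traffic it routes through the FORWARD chain, needs its own ACCEPT rule ahead of the policy task.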