By making the firewall stateful and the first rule the typical 
the vast majority of legitimate traffic to your server is 
accepted after passing only that single rule. 
That traffic doesn't need to traverse any other rules.    

The netfilter-persistent package from Debian is useful for save/restore rules.

When using Ansible module to modify the systems iptables - When reject-with used no need to add jump=reject because it will duplicate -j for iptables and throw an error; when using ! for rules, use it whit quotes: "!.."

Useful resources: