---
- name: Install the needed iptables packages
  apt: pkg={{ item }} state=installed
  with_items:
    - iptables
    - iptables-persistent
  tags: iptables

- name: Create the /etc/iptables directory when needed
  file: dest=/etc/iptables state=directory owner=root group=root mode=0755
  when: is_ubuntu_between_10_04_and_11_04_and_is_debian_6
  tags: iptables
  
- name: Install the IPv4 rules with a different name. Needed by Ubuntu < 12.04
  template: src=iptables-{{ item }}.j2 dest=/etc/iptables/rules owner=root group=root mode=0640
  with_items:
    - rules.v4
  when: is_ubuntu_between_10_04_and_11_04_and_is_debian_6
  notify: Start the iptables service on Ubuntu < 12.04
  tags: [ 'iptables', 'iptables_rules' ]

- name: Install the IPv4 and IPv6 iptables rules. The IPv6 ones are not used. On precise
  template: src=iptables-{{ item }}.j2 dest=/etc/iptables/{{ item }} owner=root group=root mode=0640
  with_items:
    - rules.v4
    - rules.v6
  when: is_precise
  notify: Start the iptables service
  tags: [ 'iptables', 'iptables_rules' ]

- name: Install the IPv4 and IPv6 iptables rules. The IPv6 ones are not used. On trusty
  template: src=iptables-{{ item }}.j2 dest=/etc/iptables/{{ item }} owner=root group=root mode=0640
  with_items:
    - rules.v4
    - rules.v6
  when: is_trusty
  notify: Start the iptables service
  tags: [ 'iptables', 'iptables_rules' ]

- name: Install the IPv4 and IPv6 iptables rules. The IPv6 ones are not used. On debian 7
  template: src=iptables-{{ item }}.j2 dest=/etc/iptables/{{ item }} owner=root group=root mode=0640
  with_items:
    - rules.v4
    - rules.v6
  when: is_debian7
  notify: Start the iptables service
  tags: [ 'iptables', 'iptables_rules' ]

- name: Install the IPv4 and IPv6 iptables rules. The IPv6 ones are not used. On debian 8
  template: src=iptables-{{ item }}.j2 dest=/etc/iptables/{{ item }} owner=root group=root mode=0640
  with_items:
    - rules.v4
    - rules.v6
  when: is_debian8
  notify: Start the netfilter service
  tags: [ 'iptables', 'iptables_rules' ]