---

- hosts: extra_hosts

  tasks:

  - name: Install ulogd2
    apt:
      name: ulogd2
      state: present
      default_release: "{{ ansible_distribution_release }}"
    tags:
      - ulogd
      - apt-ulogd
   
  - name: Check if file '/etc/ulogd.conf.ORIG' exists
    stat:
      path: /etc/ulogd.conf.ORIG
    register: ulogd_conf_orig_exists
    tags:
      - ulogd

  - name: Backup existing file /etc/ulogd.conf
    command: cp /etc/ulogd.conf /etc/ulogd.conf.ORIG
    when: ulogd_conf_orig_exists.stat.exists == False
    tags:
      - ulogd

  - name: Adjust file '/etc/ulogd.conf' 1/2
    lineinfile:
      path: /etc/ulogd.conf
      insertafter: '^plugin="/usr/lib'
      block: |
        {{ item.entry }}
    with_items:
      - { entry: '' }
      - { entry: '# ====================================================================' }
      - { entry: '# Define two new plugin stacks inside for iptables logging' }
      - { entry: '# ====================================================================' }
      - { entry: '# -' }
      - { entry: '# -    firewall11 - for IPv4 Firewall' }
      - { entry: '# -    firewall12 - for IPv6 Firewall' }
      - { entry: '# -' }
      - { entry: 'stack=firewall11:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu11:LOGEMU' }
      - { entry: 'stack=firewall12:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu12:LOGEMU' }
      - { entry: '' }