47 lines
1.4 KiB
Plaintext
47 lines
1.4 KiB
Plaintext
---
|
|
|
|
- hosts: extra_hosts
|
|
|
|
tasks:
|
|
|
|
- name: Install ulogd2
|
|
apt:
|
|
name: ulogd2
|
|
state: present
|
|
default_release: "{{ ansible_distribution_release }}"
|
|
tags:
|
|
- ulogd
|
|
- apt-ulogd
|
|
|
|
- name: Check if file '/etc/ulogd.conf.ORIG' exists
|
|
stat:
|
|
path: /etc/ulogd.conf.ORIG
|
|
register: ulogd_conf_orig_exists
|
|
tags:
|
|
- ulogd
|
|
|
|
- name: Backup existing file /etc/ulogd.conf
|
|
command: cp /etc/ulogd.conf /etc/ulogd.conf.ORIG
|
|
when: ulogd_conf_orig_exists.stat.exists == False
|
|
tags:
|
|
- ulogd
|
|
|
|
- name: Adjust file '/etc/ulogd.conf' 1/2
|
|
lineinfile:
|
|
path: /etc/ulogd.conf
|
|
insertafter: '^plugin="/usr/lib'
|
|
block: |
|
|
{{ item.entry }}
|
|
with_items:
|
|
- { entry: '' }
|
|
- { entry: '# ====================================================================' }
|
|
- { entry: '# Define two new plugin stacks inside for iptables logging' }
|
|
- { entry: '# ====================================================================' }
|
|
- { entry: '# -' }
|
|
- { entry: '# - firewall11 - for IPv4 Firewall' }
|
|
- { entry: '# - firewall12 - for IPv6 Firewall' }
|
|
- { entry: '# -' }
|
|
- { entry: 'stack=firewall11:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu11:LOGEMU' }
|
|
- { entry: 'stack=firewall12:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu12:LOGEMU' }
|
|
- { entry: '' }
|