# tasks file for ufw
---
- name: facts | set
  set_fact:
     kernel_version: "{{ ansible_kernel | regex_search('^([0-9]+\\.[0-9]+\\.[0-9]+)') }}"
  tags:
    - configuration
    - ufw
    - ufw-facts

# see https://askubuntu.com/a/1064533/261010, https://www.spinics.net/lists/netfilter-devel/msg55682.html
- include: fix-dropped-ssh-sessions.yml
  when:
    - kernel_version is version('4.14', '>=')
    - kernel_version is version('5', '<')
  tags:
    - configuration
    - ufw
    - ufw-fix-dropped-ssh-sessions

- include: install.yml
  tags:
    - configuration
    - ufw
    - ufw-install

- include: configure.yml
  tags:
    - configuration
    - ufw
    - ufw-configure

- name: start and enable service
  ufw:
    state: enabled
  tags:
    - configuration
    - ufw
    - ufw-start-enable-service