---
- name: Install shorewall
  urpmi: name=shorewall state=installed no-recommends=yes

# Generate configuration
- name: Generate zones
  template: src=zones.j2 dest=/etc/shorewall/zones owner=root group=root mode=0600 backup=yes

- name: Generate interfaces
  template: src=interfaces.j2 dest=/etc/shorewall/interfaces owner=root group=root mode=0600 backup=yes

- name: Generate policy
  template: src=policy.j2 dest=/etc/shorewall/policy owner=root group=root mode=0600 backup=yes

- name: Generate rules
  template: src=rules.j2 dest=/etc/shorewall/rules owner=root group=root mode=0600 backup=yes
  
- name: Generate shorewall.conf 
  template: src=shorewall.conf.j2 dest=/etc/shorewall/shorewall.conf owner=root group=root mode=0600 backup=yes

# Generate service configuration
- name: Generate Shorewall service conf
  template: src=shorewall.j2 dest=/etc/sysconfig/shorewall owner=root group=root mode=0600 backup=yes

- name: Restart Shorewall service
  service: name=shorewall state=restarted

- name: Check that Shorewall is running and enabled
  service: name=shorewall state=started enabled=yes