---
- name: "Szenario-Info: {{ network_scenarios[scenario].description }}"
  debug:
    msg: "Activating Szenario '{{ scenario }}'"

# --- 1. CLEANUP

- name: Stop Flapping Service (falls aktiv)
  systemd:
    name: flapping_simulation
    state: stopped
    enabled: no
  ignore_errors: true

- name: Reset Traffic Control
  shell: "tc qdisc del dev {{ item }} root"
  loop: [ens4, ens5, ens6]
  ignore_errors: true
  changed_when: false

- name: Reset IPTables Blocks
  iptables:
    chain: FORWARD
    action: flush
  changed_when: false

# --- 2. INSTALL FLAPPING

- name: Installing Flapping script & service
  block:
    - template:
        src: flapping_service.sh.j2
        dest: /usr/local/bin/flapping_simulation.sh
        mode: "0755"
    - template:
        src: flapping.service.j2
        dest: /etc/systemd/system/flapping_simulation.service
    - systemd:
        name: flapping_simulation
        state: started
        daemon_reload: yes
  when: network_scenarios[scenario].flapping_enabled | default(false)

# --- 3. APPLY TRAFFIC CONTROL

- name: Apply Complex TC Rules
  shell: >
    tc qdisc add dev {{ item.0.key }} 
    {% if item.1.root | default(false) %}root{% else %}parent {{ item.1.parent }}{% endif %}
    {% if item.1.handle is defined %}handle {{ item.1.handle }}{% endif %}
    {{ item.1.type }} 
    {{ item.1.args }}
  loop: "{{ network_scenarios[scenario].interfaces | default({}) | dict2items | subelements('value') }}"
  when: network_scenarios[scenario].interfaces is defined

# --- 4. APPLY IPTABLES BLOCKS ---

- name: Apply Static Blocks
  iptables:
    chain: FORWARD
    in_interface: "{{ item.src }}"
    out_interface: "{{ item.dst }}"
    jump: DROP
  loop: "{{ network_scenarios[scenario].blocks | default([]) }}"