---
- name: Ensure iptables is installed
  package:
    name: iptables
    cache_valid_time: "{{ apt_cache_valid_time if ansible_os_family == 'Debian' else omit }}"
    update_cache: "{{ True if ansible_os_family == 'Debian' else omit }}"
  become: true

# iptables -t nat -A POSTROUTING -o {{ interface }} -j SNAT --to-source {{ source_ip }}
- name: Ensure SNAT iptables rules exist
  iptables:
    action: append
    table: nat
    chain: POSTROUTING
    out_interface: "{{ item.interface }}"
    jump: SNAT
    to_source: "{{ item.source_ip }}"
  with_items: "{{ snat_rules }}"
  become: True