Set systcl values in exit-ipv4
This commit is contained in:
parent
016fce0043
commit
588112b25f
3
roles/exit-ipv4/defaults/main.yml
Normal file
3
roles/exit-ipv4/defaults/main.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
|
||||
conntrack_max: 131072
|
@ -3,6 +3,12 @@
|
||||
- name: Install iptables-persistent
|
||||
apt: name=iptables-persistent state=present
|
||||
|
||||
- name: Enable IPv4 routing
|
||||
sysctl: name=net.ipv4.ip_forward value=1 state=present
|
||||
|
||||
- name: Increas conntrack limit
|
||||
sysctl: name=net.netfilter.nf_conntrack_max value={{ conntrack_max }} state=present
|
||||
|
||||
- name: Configure iptables
|
||||
template: src=rules.v4.j2 dest=/etc/iptables/rules.v4
|
||||
notify: Reload iptables
|
||||
|
Loading…
Reference in New Issue
Block a user