ansible-ffrgb/roles/exit-ipv4/tasks/main.yml

---
# Install the Debian package that restores saved netfilter rules at boot.
# The last task in this file writes the ruleset to /etc/iptables/rules.v4,
# which is presumably the file this package loads - confirm on the target
# release.
- name: Install iptables-persistent
  apt:
    name: iptables-persistent
# Turn on kernel IPv4 forwarding and keep the setting in the sysctl
# configuration (state=present) so it survives a reboot.
# NOTE(review): this task runs before the ruleset is templated, and the
# "Reload iptables" handler only fires when it is flushed. On first
# provisioning the host may therefore forward packets under whatever
# FORWARD policy is already loaded. Confirm that window is acceptable, or
# move the firewall task ahead of this one.
- name: Enable IPv4 routing
  sysctl:
    name: net.ipv4.ip_forward
    value: "1"
    state: present
# Load the connection-tracking module into the running kernel now.
# The net.netfilter.nf_conntrack_* sysctl keys are only exposed once the
# module is present, which is presumably why this precedes the
# conntrack-limit task.
- name: Load nf_conntrack module
  modprobe:
    name: nf_conntrack
# Make the module load persistent: ensure /etc/modules contains a line
# reading exactly "nf_conntrack" (added only if it is missing).
- name: Enable nf_conntrack during boot
  lineinfile:
    dest: /etc/modules
    line: nf_conntrack
# Raise the size of the connection-tracking table and persist the value.
# `conntrack_max` is not defined in this file; it is expected to come from
# role defaults or inventory variables.
# The Jinja expression is quoted so YAML treats it as a single string.
# NOTE(review): once the table is full the kernel drops new connections, so
# the value should be sized for peak forwarded load and the table usage
# monitored on a forwarding host.
- name: Increase conntrack limit
  sysctl:
    name: net.netfilter.nf_conntrack_max
    value: "{{ conntrack_max }}"
    state: present
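# Render the IPv4 ruleset from the role's rules.v4.j2 template and notify
# the "Reload iptables" handler (defined outside this file) when the
# rendered content changes.
# Owner, group and mode are set explicitly: without them a new file
# inherits the umask and an existing file keeps whatever permissions it
# already had, so the firewall ruleset could stay writable by non-root
# users. The mode is quoted so YAML does not read it as an octal integer.
# NOTE(review): the rendered ruleset is installed without a syntax check;
# consider validating it before the handler loads it, so a broken template
# cannot leave the host without its intended filtering.
- name: Configure iptables
  template:
    src: rules.v4.j2
    dest: /etc/iptables/rules.v4
    owner: root
    group: root
    mode: "0644"
  notify: Reload iptables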