forked from FF-RGB/ansible
Set systcl values in exit-ipv4
This commit is contained in:
parent
016fce0043
commit
588112b25f
3
roles/exit-ipv4/defaults/main.yml
Normal file
3
roles/exit-ipv4/defaults/main.yml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
conntrack_max: 131072
|
@ -3,6 +3,12 @@
|
|||||||
- name: Install iptables-persistent
|
- name: Install iptables-persistent
|
||||||
apt: name=iptables-persistent state=present
|
apt: name=iptables-persistent state=present
|
||||||
|
|
||||||
|
- name: Enable IPv4 routing
|
||||||
|
sysctl: name=net.ipv4.ip_forward value=1 state=present
|
||||||
|
|
||||||
|
- name: Increas conntrack limit
|
||||||
|
sysctl: name=net.netfilter.nf_conntrack_max value={{ conntrack_max }} state=present
|
||||||
|
|
||||||
- name: Configure iptables
|
- name: Configure iptables
|
||||||
template: src=rules.v4.j2 dest=/etc/iptables/rules.v4
|
template: src=rules.v4.j2 dest=/etc/iptables/rules.v4
|
||||||
notify: Reload iptables
|
notify: Reload iptables
|
||||||
|
Loading…
Reference in New Issue
Block a user