Set systcl values in exit-ipv4

Markus 2017-03-27 23:47:16 +02:00
parent 016fce0043
commit 588112b25f
2 changed files with 9 additions and 0 deletions


@ -0,0 +1,3 @@
---
conntrack_max: 131072


@ -3,6 +3,12 @@
- name: Install iptables-persistent - name: Install iptables-persistent
apt: name=iptables-persistent state=present apt: name=iptables-persistent state=present
- name: Enable IPv4 routing
sysctl: name=net.ipv4.ip_forward value=1 state=present
- name: Increas conntrack limit
sysctl: name=net.netfilter.nf_conntrack_max value={{ conntrack_max }} state=present
- name: Configure iptables - name: Configure iptables
template: src=rules.v4.j2 dest=/etc/iptables/rules.v4 template: src=rules.v4.j2 dest=/etc/iptables/rules.v4
notify: Reload iptables notify: Reload iptables
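Review bot: The `net.netfilter.nf_conntrack_max` key set by the "Increas conntrack limit" task only exists once the nf_conntrack kernel module is loaded, and nothing visible in this hunk guarantees that. On a fresh host the task can fail when the sysctl module reloads the file, and after a reboot the value may be applied before the module loads, so the node silently runs with the kernel default limit. Consider loading the module first, e.g. `- name: Load nf_conntrack` with `modprobe: name=nf_conntrack state=present`, and making that load persistent across boots; the task list starts above the hunk, so an earlier task may already cover this. Separately, `net.ipv4.ip_forward` is switched on before "Configure iptables" and its `Reload iptables` handler have installed the rule set, so moving both sysctl tasks after the firewall configuration would avoid a window of unfiltered forwarding on the first run. The task name also has a typo ("Increas").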