---

- name: Install iptables-persistent
  apt: name=iptables-persistent

- name: Enable IPv4 routing
  sysctl: name=net.ipv4.ip_forward value=1 state=present

- name: Increas conntrack limit
  sysctl: name=net.netfilter.nf_conntrack_max value={{ conntrack_max }} state=present

- name: Configure iptables
  template: src=rules.v4.j2 dest=/etc/iptables/rules.v4
  notify: Reload iptables