2017-10-02 11:18:16 +02:00
|
|
|
|
# Ansible role network-iptables-gateway
|
|
|
|
|
|
|
|
|
|
Diese Ansible role konfiguriert iptables Regeln für IPv4+IPv6 eines Freifunk Gateways.
|
|
|
|
|
|
|
|
|
|
- installiert iptables+iptables-persistent
|
|
|
|
|
- schreibt rules.v4 + rules.v6
|
|
|
|
|
- setzt netfilter sysctl parameter
|
|
|
|
|
|
|
|
|
|
## Benötigte Variablen
|
|
|
|
|
|
|
|
|
|
- List `sysctl_settings_netfilter` (Rollen Variable)
|
2018-02-28 15:20:51 +01:00
|
|
|
|
|
|
|
|
|
```
|
2017-10-02 11:18:16 +02:00
|
|
|
|
sysctl_settings_netfilter:
|
|
|
|
|
- name: # sysctl-Parameter
|
|
|
|
|
value: # zu setzender Wert
|
|
|
|
|
|
|
|
|
|
´´´
|
|
|
|
|
- Dictionary `meshes`
|
|
|
|
|
´´´
|
|
|
|
|
meshes:
|
2017-10-06 22:58:00 +02:00
|
|
|
|
- id: xx
|
2017-10-02 11:18:16 +02:00
|
|
|
|
...
|
|
|
|
|
ipv4_network:
|
|
|
|
|
...
|
2018-02-28 15:20:51 +01:00
|
|
|
|
```
|
2017-10-02 11:18:16 +02:00
|
|
|
|
|
2017-10-04 12:55:29 +02:00
|
|
|
|
- Variable `internet_exit_tcp_mss_ipv4`
|
|
|
|
|
- Variable `internet_exit_tcp_mss_ipv6`
|
2017-10-03 14:37:39 +02:00
|
|
|
|
- Host Variable `ffrl_public_ipv4_nat` # Format ip-adresse/prefix
|