From f81a5c1a5f1da1fa589f73ff9cabb4368572b866 Mon Sep 17 00:00:00 2001
From: Julian Labus
Date: Fri, 23 Feb 2018 19:32:30 +0100
Subject: [PATCH] Role network-iptables-gateway: load module nf_conntrack at boot
---
 roles/network-iptables-gateway/tasks/main.yml | 5 +++++
 .../templates/nf_conntrack.module.conf.j2 | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 roles/network-iptables-gateway/templates/nf_conntrack.module.conf.j2
diff --git a/roles/network-iptables-gateway/tasks/main.yml b/roles/network-iptables-gateway/tasks/main.yml
index a8a2e84..fffabba 100644
--- a/roles/network-iptables-gateway/tasks/main.yml
+++ b/roles/network-iptables-gateway/tasks/main.yml
@@ -7,6 +7,11 @@
 - iptables
 - iptables-persistent

+- name: configure nf_conntrack module to load on system boot
+ template:
+ src: nf_conntrack.module.conf.j2
+ dest: /etc/modules-load.d/nf_conntrack.conf
+
 - name: load netfilter modules
 modprobe:
 name: "{{ item }}"
diff --git a/roles/network-iptables-gateway/templates/nf_conntrack.module.conf.j2 b/roles/network-iptables-gateway/templates/nf_conntrack.module.conf.j2
new file mode 100644
index 0000000..83476af
--- /dev/null
+++ b/roles/network-iptables-gateway/templates/nf_conntrack.module.conf.j2
@@ -0,0 +1,5 @@
+#
+# Load nf_conntrack module on system boot
+# {{ ansible_managed }}
+#
+nf_conntrack
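Review bot: The new `template` task in tasks/main.yml writes `/etc/modules-load.d/nf_conntrack.conf` without setting ownership or permissions, so a newly created file gets whatever the connecting user's umask produces. This file decides which kernel modules load at boot, so it should be pinned explicitly by adding `owner: root`, `group: root` and `mode: "0644"` to the task. The role presumably targets hosts where systemd-modules-load reads that directory; on a host without it the file would be ignored silently, which is worth a short comment above the task.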
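Review bot: In the new template, `# {{ ansible_managed }}` comments out only the first line of the expansion. If `ansible_managed` is configured as a multi-line string, the remaining lines would land uncommented in a file where every non-comment line is read as a module name to load. Replace that line with `{{ ansible_managed | comment }}` on its own line, which prefixes every line of the expansion.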