ansible-ffibk/roles/network-iptables-gateway/tasks/main.yml
2018-09-18 14:27:58 +02:00

40 lines
868 B
YAML

---
- name: install iptables packages
package:
name: "{{ item }}"
state: present
loop:
- iptables
- iptables-persistent
- name: configure nf_conntrack module to load on system boot
template:
src: nf_conntrack.module.conf.j2
dest: /etc/modules-load.d/nf_conntrack.conf
- name: load netfilter modules
modprobe:
name: "{{ item }}"
state: present
loop:
- nf_conntrack
- nf_conntrack_ipv4
- name: set netfilter sysctl settings
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
loop: "{{ sysctl_settings_netfilter }}"
- name: write iptables configuration
template:
src: rules.v4.j2
dest: /etc/iptables/rules.v4
notify: iptables-restore
- name: write ip6tables configuration
template:
src: rules.v6.j2
dest: /etc/iptables/rules.v6
notify: ip6tables-restore