ansible-ffibk/roles/network-iptables-gateway/tasks/main.yml
2017-10-11 17:53:20 +02:00


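---
# Gateway firewall tasks: install the iptables tooling, load the connection
# tracking modules, apply the netfilter sysctl settings, and render the
# persistent IPv4 and IPv6 rulesets under /etc/iptables.

- name: install iptables packages
  # The whole list is handed to the package manager in a single call instead
  # of looping once per package.
  package:
    name:
      - iptables
      - iptables-persistent
    state: present

- name: load netfilter modules
  # NOTE(review): modprobe loads the modules into the running kernel only;
  # nothing in this file makes them load again at boot. If the sysctl keys
  # set below exist only while these modules are loaded, they may not be
  # re-applied after a reboot - confirm the modules are persisted elsewhere.
  # NOTE(review): nf_conntrack_ipv4 was merged into nf_conntrack in newer
  # kernels (4.19 and later), where loading it by name fails - confirm the
  # target kernel version.
  modprobe:
    name: "{{ item }}"
    state: present
  with_items:
    - nf_conntrack
    - nf_conntrack_ipv4

- name: set netfilter sysctl settings
  # sysctl_settings_netfilter is defined outside this file; each entry must
  # provide the `name` and `value` keys read here.
  sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: present
  with_items: "{{ sysctl_settings_netfilter }}"

- name: write iptables configuration
  template:
    src: rules.v4.j2
    dest: /etc/iptables/rules.v4
    # Explicit ownership and mode, so the ruleset is never writable by an
    # unprivileged account and does not depend on the remote umask.
    owner: root
    group: root
    mode: "0640"
    # Parse the rendered ruleset before it replaces the file on disk, so a
    # template error cannot leave the gateway with an unloadable rules.v4.
    validate: iptables-restore --test %s
  # The handler is defined outside this file; presumably it loads the new
  # ruleset into the kernel - confirm in the role's handlers.
  notify: iptables-restore

- name: write ip6tables configuration
  template:
    src: rules.v6.j2
    dest: /etc/iptables/rules.v6
    # Same ownership and mode as the IPv4 ruleset.
    owner: root
    group: root
    mode: "0640"
    # Reject a rendered IPv6 ruleset that ip6tables-restore cannot parse
    # before it replaces the file on disk.
    validate: ip6tables-restore --test %s
  # The handler is defined outside this file; presumably it loads the new
  # ruleset into the kernel - confirm in the role's handlers.
  notify: ip6tables-restore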