30 lines
654 B
Markdown
30 lines
654 B
Markdown
# Ansible role network-iptables-gateway
|
||
|
||
Diese Ansible role konfiguriert iptables Regeln für IPv4+IPv6 eines Freifunk Gateways.
|
||
|
||
- installiert iptables+iptables-persistent
|
||
- schreibt rules.v4 + rules.v6
|
||
- setzt netfilter sysctl parameter
|
||
|
||
## Benötigte Variablen
|
||
|
||
- List `sysctl_settings_netfilter` (Rollen Variable)
|
||
|
||
```
|
||
sysctl_settings_netfilter:
|
||
- name: # sysctl-Parameter
|
||
value: # zu setzender Wert
|
||
|
||
´´´
|
||
- Dictionary `meshes`
|
||
´´´
|
||
meshes:
|
||
- id: xx
|
||
...
|
||
ipv4_network:
|
||
...
|
||
```
|
||
|
||
- Variable `internet_exit_tcp_mss_ipv4`
|
||
- Variable `internet_exit_tcp_mss_ipv6`
|
||
- Host Variable `ffrl_public_ipv4_nat` # Format ip-adresse/prefix
|