mirror of
https://git.libreschool.org/paspo/brasatore.git
synced 2024-11-23 06:38:44 +00:00
35 lines
713 B
YAML
35 lines
713 B
YAML
|
---
|
||
|
|
||
|
- name: FIREWALL rules
|
||
|
template:
|
||
|
src: rules.v4
|
||
|
dest: /etc/iptables/rules.v4
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: "0644"
|
||
|
become: true
|
||
|
# notify: nfs_reload_exports
|
||
|
|
||
|
- name: FIREWALL rules restore
|
||
|
shell: iptables-restore /etc/iptables/rules.v4
|
||
|
|
||
|
- name: FIREWALL enable IPv4 forward
|
||
|
sysctl:
|
||
|
name: net.ipv4.ip_forward
|
||
|
value: "1"
|
||
|
sysctl_file: /etc/sysctl.d/ipv4_forward.conf
|
||
|
sysctl_set: yes
|
||
|
state: present
|
||
|
reload: yes
|
||
|
ignoreerrors: yes
|
||
|
|
||
|
- name: FIREWALL disable IPv6
|
||
|
sysctl:
|
||
|
name: net.ipv6.conf.all.disable_ipv6
|
||
|
value: "1"
|
||
|
sysctl_file: /etc/sysctl.d/disable_ipv6.conf
|
||
|
sysctl_set: yes
|
||
|
state: present
|
||
|
reload: yes
|
||
|
ignoreerrors: yes
|
||
|
|