mirror of
https://git.libreschool.org/paspo/brasatore.git
synced 2024-11-22 22:28:44 +00:00
35 lines
713 B
YAML
35 lines
713 B
YAML
---
|
|
|
|
- name: FIREWALL rules
|
|
template:
|
|
src: rules.v4
|
|
dest: /etc/iptables/rules.v4
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
become: true
|
|
# notify: nfs_reload_exports
|
|
|
|
- name: FIREWALL rules restore
|
|
shell: iptables-restore /etc/iptables/rules.v4
|
|
|
|
- name: FIREWALL enable IPv4 forward
|
|
sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: "1"
|
|
sysctl_file: /etc/sysctl.d/ipv4_forward.conf
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
ignoreerrors: yes
|
|
|
|
- name: FIREWALL disable IPv6
|
|
sysctl:
|
|
name: net.ipv6.conf.all.disable_ipv6
|
|
value: "1"
|
|
sysctl_file: /etc/sysctl.d/disable_ipv6.conf
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
ignoreerrors: yes
|
|
|