From 8fe447d46c56fb648bf2c1f34fedae47dbbaee2f Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Tue, 6 Sep 2016 15:20:47 +0300
Subject: Setup routing and NAT/masquerade firewall

---
 ansible/roles/router/tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 ansible/roles/router/tasks/main.yml

(limited to 'ansible/roles/router/tasks/main.yml')

diff --git a/ansible/roles/router/tasks/main.yml b/ansible/roles/router/tasks/main.yml
new file mode 100644
index 0000000..6b76440
--- /dev/null
+++ b/ansible/roles/router/tasks/main.yml
@@ -0,0 +1,13 @@
+- name: add iptables masquerading rule
+  copy:
+    src: setup-firewall
+    dest: /usr/local/sbin/setup-firewall
+    mode: 0755
+
+- name: set up packet forwarding sysctl config
+  copy:
+    src: enable-routing.conf
+    dest: /etc/sysctl.d
+
+- name: load sysctl config change
+  shell: sysctl -p /etc/sysctl.d/enable-routing.conf
-- 
cgit v1.2.1