blob: a9406d86458c01a3541b0fa70bddc914a0c0456b [file] [log] [blame]
# Copyright 2020-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: Create netplan config file for SGI and S1U gateway interfaces
template:
src: etc/netplan/sgi-s1u-gateway.yaml.j2
dest: "{{ netplan_config_file }}"
notify:
- netplan generate
- netplan apply
tags: router
- name: Install iptables-persistent
apt:
name: iptables-persistent
state: present
update_cache: yes
tags: router
- name: Ensure ip_forward enabled
sysctl:
name: net.ipv4.ip_forward
value: '1'
sysctl_set: yes
state: present
tags: router
- name: Set default forwarding policy to ACCEPT
iptables:
chain: FORWARD
policy: ACCEPT
tags: router
- name: Add SNAT
iptables:
table: nat
chain: POSTROUTING
out_interface: "{{ ansible_default_ipv4.interface }}"
jump: MASQUERADE
tags: router
- name: Save iptables v4 rules
shell: iptables-save > /etc/iptables/rules.v4
changed_when: False
tags: router