Commit 7182416f authored by Hugo LEVY-FALK's avatar Hugo LEVY-FALK

Configuration kernel propre

parent d77150b8
# Enable IP forwarding
net.ipv4.ip_forward=1
# Enable TCP syncookies protection
net.ipv4.tcp_syncookies=1
# Filter in strict mode, see RFC3704 Strict Reverse Path
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.default.rp_filter=1
# Don't accept source routed packets.
net.ipv4.conf.all.accept_source_route=0
# Garbage collection thresholds
net.ipv4.neigh.default.gc_thresh1=1024
net.ipv4.neigh.default.gc_thresh2=4096
net.ipv4.neigh.default.gc_thresh3=8192
......@@ -17,7 +17,21 @@
src: interfaces.j2
dest: /etc/network/interfaces
mode: 0644
group: root
owner: root
register: interfaces
- name: Configure sysctl
copy:
src: local.conf
dest: /etc/sysctl.d/local.conf
mode: 0644
group: root
owner: root
register: sysctl
- name: Reload sysctl
sysctl:
reload: yes
when: sysctl.changed
- name: Restart Network, and pray
shell: "sleep 5 && service networking restart"
async: 1
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment