...
 
Commits (2)
# Enable IP forwarding
net.ipv4.ip_forward=1
# Enable TCP syncookies protection
net.ipv4.tcp_syncookies=1
# Filter in strict mode, see RFC3704 Strict Reverse Path
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.default.rp_filter=1
# Don't accept source routed packets.
net.ipv4.conf.all.accept_source_route=0
# Garbage collection thresholds
net.ipv4.neigh.default.gc_thresh1=1024
net.ipv4.neigh.default.gc_thresh2=4096
net.ipv4.neigh.default.gc_thresh3=8192
......@@ -17,7 +17,21 @@
src: interfaces.j2
dest: /etc/network/interfaces
mode: 0644
group: root
owner: root
register: interfaces
- name: Configure sysctl
copy:
src: local.conf
dest: /etc/sysctl.d/local.conf
mode: 0644
group: root
owner: root
register: sysctl
- name: Reload sysctl
sysctl:
reload: yes
when: sysctl.changed
- name: Restart Network, and pray
shell: "sleep 5 && service networking restart"
async: 1
......