- additional AP config - fw rules

Pi
2019-08-08 10:36:06 -04:00
parent 81592c1288
commit a7eaa63577
3 changed files with 28 additions and 32 deletions


@@ -65,32 +65,28 @@
masked: no
state: restarted
tags: wireless_ap
- name: enable ipv4.forwarding
become: true
sysctl:
name: net.ipv4.ip_forward
value: 1
sysctl_set: yes
state: present
reload: yes
tags: wireless_ap
- name: copy fw config
become: true
copy:
src: "{{ role_path }}/files/iptables.ipv4.nat"
dest: "/etc/iptables.ipv4.nat"
backup: yes
owner: root
group: root
tags: wireless_ap
- name: iptables-restore to rc.local
lineinfile:
path: "/etc/rc.local"
state: present
insertbefore: "exit 0"
line: "iptables-restore < /etc/iptables.ipv4.nat"
become: true
tags: wireless_ap
- name: lan to wlan
iptables:
chain: FORWARD
ctstate: ESTABLISHED,RELATED
jump: ACCEPT
in_interface: eth0
out_interface: wlan0
become: yes
- name: wlan to lan
iptables:
chain: FORWARD
jump: ACCEPT
in_interface: wlan0
out_interface: eth0
become: yes
- name: forwarding
iptables:
chain: POSTROUTING
out_interface: eth0
table: nat
jump: MASQUERADE
become: yes
- name: restart dhcpcd
become: true
systemd:
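Review bot: The `lan to wlan`, `wlan to lan` and `forwarding` tasks only add ACCEPT and MASQUERADE rules, and nothing in the hunk sets the FORWARD chain policy, so if it is still the default ACCEPT the `ctstate: ESTABLISHED,RELATED` restriction on eth0 to wlan0 has no effect and unsolicited traffic from the uplink side is still forwarded to wireless clients. Consider a further `iptables` task with `chain: FORWARD` and `policy: DROP`, run after the accept rules. Going by the hunk header counts, the `net.ipv4.ip_forward` sysctl task and the `iptables-restore` line in `/etc/rc.local` appear to be on the removed side; unless forwarding is enabled and the rules are persisted elsewhere in the role, the rules set by the `iptables` module will route nothing and will be lost at reboot. The three new tasks also lack `tags: wireless_ap`, so a run limited to that tag skips them. The `restart dhcpcd` task continues outside the hunk.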