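# Install the conntrack userspace tools through the host's package manager.
- name: Install conntrack-tools
  package:
    name: conntrack-tools
    # State the desired end state explicitly instead of relying on whatever
    # the underlying package backend defaults to.
    state: present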
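# Register nf_conntrack for autoloading so the module is available before the
# conntrack sysctl values are set.
# NOTE(review): this task only writes the modules-load.d entry; it does not
# load the module into the running kernel. Confirm the module is loaded by
# other means if the sysctl values must take effect without a reboot.
- name: Autoload nf_conntrack
  lineinfile:
    dest: /etc/modules-load.d/netfilter.conf
    line: nf_conntrack
    create: true
    # The file may be created by this task, so pin ownership and mode rather
    # than inheriting the umask of the connecting user. A writable
    # modules-load.d entry would let a non-root user choose kernel modules.
    owner: root
    group: root
    mode: "0644"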
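# Install the sysctl drop-in that carries the values conntrackd needs.
# NOTE(review): the file is only copied into /etc/sysctl.d/; nothing in this
# task reloads sysctl, so confirm the values are applied to the running
# system elsewhere.
- name: Set sysctl values for conntrackd
  copy:
    src: conntrackd.conf
    # Trailing slash: the file is placed in the directory under its own name.
    dest: /etc/sysctl.d/
    # Explicit ownership and mode so kernel tunables are writable by root
    # only, whatever the permissions of the source file on the controller.
    owner: root
    group: root
    mode: "0644"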
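# Render the conntrackd daemon configuration from its Jinja2 template and
# restart the service when the rendered file changes.
- name: Set up conntrackd
  template:
    src: conntrackd.conf.j2
    dest: /etc/conntrackd/conntrackd.conf
    owner: root
    group: root
    # Quoted so the mode stays an octal string and is never re-read as a
    # decimal integer by the YAML parser.
    mode: "0644"
  notify: restart conntrackd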
# Pin the vrf= setting in the service's conf.d file to the default VRF.
# An existing line matching ^vrf= is replaced; otherwise the line is appended.
# `create` is not set, so the task fails if /etc/conf.d/conntrackd is absent.
- name: Run conntrackd in default VRF
  lineinfile:
    dest: /etc/conf.d/conntrackd
    regexp: '^vrf='
    line: 'vrf="default"'
  # The new setting is only picked up when the daemon restarts.
  notify: restart conntrackd
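# Start conntrackd now and enable it so it also starts at boot.
- name: Enable conntrackd
  service:
    name: conntrackd
    # Canonical boolean; `yes` is read differently across YAML versions.
    enabled: true
    state: started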