Import firewall role from network repo

Move, actually.

roles/firewall/templates/sysctl.conf.j2

@@ -0,0 +1,16 @@
+# We are router.
+net.ipv4.ip_forward = 1
+net.ipv6.conf.all.forwarding = 1
+
+# Zebra docs recommend these.
+net.ipv6.conf.all.keep_addr_on_down = 1
+net.ipv6.route.skip_notify_on_dev_down = 1
+
+# Do not send ICMP redirects. Happens because firewall sees all office
+# networks coming from the same routers, and gets confused as to why
+# firewall is routing packets between them.
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.send_redirects = 0
+
+# Increase max connections for netfilter.
+net.netfilter.nf_conntrack_max = 1048576