nuc7ear/nm
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ff

Browse Source
This commit is contained in:
Aleksandr Malyavin
2024-09-03 20:22:50 +03:00
parent 5fb44d96bf
commit 98a69736c0
2 changed files with 10 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
roles/configure/tasks/iptables.yaml
View File

@@ -132,10 +132,11 @@
- name: Allow TCP MSS clamping
command: iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
- name: Allow traffic from {{ wifi_int.stdout }} to {{ lte_int.stdout }}
iptables:
chain: FORWARD
in_interface: "br0"
in_interface: "{{ wifi_int.stdout }}"
out_interface: "{{ lte_int.stdout }}"
jump: ACCEPT
action: insert
@@ -148,21 +149,5 @@
table: nat
out_interface: "{{ lte_int.stdout }}"
# - name: Allow traffic from {{ wifi_int.stdout }} to {{ lte_int.stdout }}
# iptables:
# chain: FORWARD
# in_interface: "{{ wifi_int.stdout }}"
# out_interface: "{{ lte_int.stdout }}"
# jump: ACCEPT
# action: insert
# rule_num: 3
# - name: Enable masquerading for {{ lte_int.stdout }}
# iptables:
# chain: POSTROUTING
# jump: MASQUERADE
# table: nat
# out_interface: "{{ lte_int.stdout }}"
- name: Save iptables rules
command: iptables-save -f /etc/iptables/iptables.rules