ff

roles/configure/tasks/iptables.yaml

@@ -132,10 +132,11 @@
 - name: Allow TCP MSS clamping
   command: iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
 
+
 - name: Allow traffic from {{ wifi_int.stdout }} to {{ lte_int.stdout }}
   iptables:
     chain: FORWARD
-    in_interface: "br0"
+    in_interface: "{{ wifi_int.stdout }}"
     out_interface: "{{ lte_int.stdout }}"
     jump: ACCEPT
     action: insert
@@ -148,21 +149,5 @@
     table: nat
     out_interface: "{{ lte_int.stdout }}"
 
-# - name: Allow traffic from {{ wifi_int.stdout }} to {{ lte_int.stdout }}
-#   iptables:
-#     chain: FORWARD
-#     in_interface: "{{ wifi_int.stdout }}"
-#     out_interface: "{{ lte_int.stdout }}"
-#     jump: ACCEPT
-#     action: insert
-#     rule_num: 3 
-
-# - name: Enable masquerading for {{ lte_int.stdout }}
-#   iptables:
-#     chain: POSTROUTING
-#     jump: MASQUERADE
-#     table: nat
-#     out_interface: "{{ lte_int.stdout }}"
-
 - name: Save iptables rules
   command: iptables-save -f /etc/iptables/iptables.rules

roles/configure/tasks/main.yaml

@@ -80,33 +80,15 @@
   set_fact:
     nmcli_failed: "{{ nmcli_result.rc != 0 }}"
 
-# - name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
-#   command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ wifi_ssid }} ifname {{ wifi_int.stdout }} type wifi ssid {{ wifi_ssid }} mode ap ip4 {{ wifi_int_ip }}
-#   when: nmcli_failed
 - name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
-  command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ wifi_ssid }} ifname {{ wifi_int.stdout }} type wifi ssid {{ wifi_ssid }} mode ap
+  command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ wifi_ssid }} ifname {{ wifi_int.stdout }} type wifi ssid {{ wifi_ssid }} mode ap ip4 {{ wifi_int_ip }}
+  when: nmcli_failed
+- name: Configure physical interface
+  command: /usr/bin/nmcli c add autoconnect yes save yes con-name eth1 ifname enp90s0 type ethernet ipv4.method manual ipv4.address 10.1.10.2
+  
   when: nmcli_failed
 - name: Run nmcli to add a connection LTE
   command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ LTE_con_name }} ifname cdc-wdm0 type gsm apn "internet"
-  tags: br
-- name: Configure bridge
-  command: /usr/bin/nmcli c add type bridge ifname br0 autoconnect yes save yes con-name bridge
-  tags: br
-- name: Configure bridge1
-  command: /usr/bin/nmcli c add type bridge-slave ifname {{ int_name }} master br0
-  loop: 
-  - wlp88s0
-  - enp90s0
-  loop_control: 
-    loop_var: int_name
-  tags: br
-- name: set ip for bridge
-  command: /usr/bin/nmcli c mod bridge ipv4.addr {{ wifi_int_ip }}/24 ipv4.method static 
-  tags: br
-
-- name: set ip for bridge
-  command: /usr/bin/nmcli c up bridge
-  tags: br
 
 - name: Run nmcli to add WPA-PSK security to the wifi connection
   command: /usr/bin/nmcli c mod {{ wifi_ssid }} \
@@ -117,6 +99,9 @@
     802-11-wireless-security.group ccmp \
     802-11-wireless-security.pairwise ccmp \
     802-11-wireless-security.psk {{ wifi_psk }} \
+    ipv4.method shared \
+    ipv4.addr {{ wifi_int_ip }}/24
+
 
 - name: Run nmcli to activate wifi access point connection
   command: /usr/bin/nmcli c up {{ wifi_ssid }}