Added masquerading iptables rule
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Signed-off-by: Nis Wechselberg <enbewe@enbewe.de>
This commit is contained in:
parent
b65650d733
commit
6d80d7257e
GPG key ID:
7B25171F921B9E57
1 changed files with 10 additions and 0 deletions
|
|
@ -100,3 +100,13 @@
|
||||||
value: '{{ item.value }}'
|
value: '{{ item.value }}'
|
||||||
loop: '{{ server_openvpn_sysctl_settings | dict2items }}'
|
loop: '{{ server_openvpn_sysctl_settings | dict2items }}'
|
||||||
notify: 'Restart openvpn server'
|
notify: 'Restart openvpn server'
|
||||||
|
|
||||||
|
- name: 'Configure masquerading on firewall for the vpn traffic to the internet'
|
||||||
|
become: true
|
||||||
|
ansible.builtin.iptables:
|
||||||
|
chain: 'POSTROUTING'
|
||||||
|
comment: 'Enable masquerading from the vpn network'
|
||||||
|
out_interface: '{{ server_openvpn_nat_interface }}'
|
||||||
|
source: '{{ server_openvpn_ipv4_pool }}/24'
|
||||||
|
table: 'nat'
|
||||||
|
jump: 'MASQUERADE'
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue