chef-lctp/site-cookbooks/lctp-network/recipes/router.rb


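# Router recipe: installs the iptables rule file and its load/save hooks,
# loads the NAT/masquerade kernel modules and turns on IPv4 forwarding.
#
# NOTE(review): once ip_forward is on, what this host forwards is decided
# entirely by the rules rendered from iptables.rules.erb (not visible here).
# Confirm that template sets a restrictive FORWARD policy.

# Runs the rule loader only when another resource notifies it.
execute "iptables-load" do
  action :nothing
  command "/etc/network/if-pre-up.d/iptables-load"
end

# Rendered firewall rules. A change to the rules now triggers a reload, so
# the running firewall does not keep stale rules until the next interface
# bring-up. The notification uses Chef's default (delayed) timing, so the
# loader script installed further down is in place before it runs.
# NOTE(review): "0644" leaves the rule set readable by every local user;
# consider "0600" if the loader only ever runs as root -- confirm first.
template "/etc/iptables.rules" do
  source "iptables.rules.erb"
  mode "0644"
  owner "root"
  group "root"
  notifies :run, "execute[iptables-load]"
end

# Kernel modules for NAT and masquerading (`modules` is a resource provided
# outside this recipe).
modules "iptable_nat"
modules "ipt_MASQUERADE"

# Enable forwarding in the running kernel. The guard keeps the resource from
# executing (and reporting a change) on every run once forwarding is on.
execute "enable ip_forward" do
  command "sysctl -w net.ipv4.ip_forward=1"
  not_if "sysctl -n net.ipv4.ip_forward | grep -qx 1"
end

# Persist the forwarding setting across reboots. Ownership is pinned to root
# to match the other files this recipe manages.
file "/etc/sysctl.d/10-ip-forwarding.conf" do
  mode "0644"
  owner "root"
  group "root"
  content "net.ipv4.ip_forward = 1"
end

# Hook run before an interface comes up; (re)installing it triggers a load.
cookbook_file "/etc/network/if-pre-up.d/iptables-load" do
  source "iptables-load"
  mode "0755"
  owner "root"
  group "root"
  notifies :run, "execute[iptables-load]"
end

# Hook run after an interface goes down.
# NOTE(review): if this script writes the live rules back to
# /etc/iptables.rules, manual runtime changes would persist until the next
# Chef run re-renders the template -- verify against the script.
cookbook_file "/etc/network/if-post-down.d/iptables-save" do
  source "iptables-save"
  mode "0755"
  owner "root"
  group "root"
end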