diff options
Diffstat (limited to 'tasks/sysctl.yml')
| -rw-r--r-- | tasks/sysctl.yml | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/tasks/sysctl.yml b/tasks/sysctl.yml new file mode 100644 index 0000000..0f0a985 --- /dev/null +++ b/tasks/sysctl.yml @@ -0,0 +1,22 @@ +- name: Configure network-related sysctl.conf(5). + sysctl: name={{ item.key }} value={{ item.val }} + sysctl_file=/etc/sysctl.d/network.conf reload=true + with_items: + - { key: net.ipv4.tcp_timestamps, val: 0 } + - { key: net.ipv4.conf.default.accept_source_route, val: 0 } + - { key: net.ipv4.conf.default.send_redirects, val: 0 } + - { key: net.ipv4.conf.all.accept_source_route, val: 0 } + - { key: net.ipv4.conf.all.send_redirects, val: 0 } + - { key: net.ipv6.conf.default.autoconf, val: 0 } + - { key: net.ipv6.conf.default.accept_ra, val: 0 } + - { key: net.ipv6.conf.default.accept_ra_defrtr, val: 0 } + - { key: net.ipv6.conf.default.accept_ra_rtr_pref, val: 0 } + - { key: net.ipv6.conf.default.accept_ra_pinfo, val: 0 } + - { key: net.ipv6.conf.default.accept_source_route, val: 0 } + - { key: net.ipv6.conf.all.autoconf, val: 0 } + - { key: net.ipv6.conf.all.accept_ra, val: 0 } + - { key: net.ipv6.conf.all.accept_ra_defrtr, val: 0 } + - { key: net.ipv6.conf.all.accept_ra_rtr_pref, val: 0 } + - { key: net.ipv6.conf.all.accept_ra_pinfo, val: 0 } + - { key: net.ipv6.conf.all.accept_source_route, val: 0 } + - { key: net.ipv6.conf.all.accept_redirects, val: 0 } |