# Overview

This role configures router functionality on Alpine Linux.

## Supported Operating Systems

| Operating System | Version |
| --- | ----- |
| Alpine | 3.23 |

## Tags

| Tag | Purpose |
| --- | -------- |
| `full` | Execute all tasks |
| `routing` | Configure routing and iptables |
| `firewall` | Configure firewall rules |
| `performance` | Configure performance tuning |

## Role Variables

### Interfaces

```yaml
wan_interface: "eth0"
lan_interface: "eth1"
```

### Incoming Firewall Rules

```yaml
incoming_firewall_rules:

  - name: "allow ssh from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 22

  - name: "allow https from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 443

  - name: "allow dns from lan"
    source: "192.168.1.0/24"
    protocol: "udp"
    port: 53

  - name: "allow ping from lan"
    source: "192.168.1.0/24"
    protocol: "icmp"
    port: 0
```

### NAT Port Forwards

```yaml
nat_port_forwards:

  - name: "forward http to web server"
    dst: "192.168.1.10"
    port: 80
    protocol: "tcp"

  - name: "forward https to web server"
    dst: "192.168.1.10"
    port: 443
    protocol: "tcp"

  - name: "forward ssh to internal server"
    dst: "192.168.1.20"
    port: 2222
    protocol: "tcp"
```