74 lines
1.2 KiB
Markdown
74 lines
1.2 KiB
Markdown
# Overview
|
|
|
|
This role configures router functionality on Alpine Linux.
|
|
|
|
## Supported Operating Systems
|
|
|
|
| Operating System | Version |
|
|
| --- | ----- |
|
|
| Alpine | 3.23 |
|
|
|
|
## Tags
|
|
|
|
| Tag | Purpose |
|
|
| --- | -------- |
|
|
| `full` | Execute all tasks |
|
|
| `routing` | Configure routing and iptables |
|
|
| `firewall` | Configure firewall rules |
|
|
| `performance` | Configure performance tuning |
|
|
|
|
## Role Variables
|
|
|
|
### Interfaces
|
|
|
|
```yaml
|
|
wan_interface: "eth0"
|
|
lan_interface: "eth1"
|
|
```
|
|
|
|
### Incoming Firewall Rules
|
|
|
|
```yaml
|
|
incoming_firewall_rules:
|
|
|
|
- name: "allow ssh from lan"
|
|
source: "192.168.1.0/24"
|
|
protocol: "tcp"
|
|
port: 22
|
|
|
|
- name: "allow https from lan"
|
|
source: "192.168.1.0/24"
|
|
protocol: "tcp"
|
|
port: 443
|
|
|
|
- name: "allow dns from lan"
|
|
source: "192.168.1.0/24"
|
|
protocol: "udp"
|
|
port: 53
|
|
|
|
- name: "allow ping from lan"
|
|
source: "192.168.1.0/24"
|
|
protocol: "icmp"
|
|
port: 0
|
|
```
|
|
|
|
### NAT Port Forwards
|
|
|
|
```yaml
|
|
nat_port_forwards:
|
|
|
|
- name: "forward http to web server"
|
|
dst: "192.168.1.10"
|
|
port: 80
|
|
protocol: "tcp"
|
|
|
|
- name: "forward https to web server"
|
|
dst: "192.168.1.10"
|
|
port: 443
|
|
protocol: "tcp"
|
|
|
|
- name: "forward ssh to internal server"
|
|
dst: "192.168.1.20"
|
|
port: 2222
|
|
protocol: "tcp"
|
|
```
|