router/readme.md

# Ansible Role: Router

Configure router functionality with NAT, firewall, and routing on Alpine Linux.

## Variables

### Network Interfaces

| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| `wan_interface` | Yes | `eth0` | WAN network interface |
| `lan_interface` | Yes | `eth1` | LAN network interface |

### Firewall Rules

| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| `incoming_firewall_rules` | No | `[]` | List of incoming firewall rules |

### NAT Configuration

| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| `nat_port_forwards` | No | `[]` | List of NAT port forwarding rules |

## Tags

| Tag | Description |
|-----|-------------|
| `full` | Execute all tasks |
| `routing` | Configure routing and iptables |
| `firewall` | Configure firewall rules |
| `performance` | Configure performance tuning |

## Example

```yaml
wan_interface: "eth0"
lan_interface: "eth1"

incoming_firewall_rules:
  - name: "allow ssh from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 22
  - name: "allow dns from lan"
    source: "192.168.1.0/24"
    protocol: "udp"
    port: 53

nat_port_forwards:
  - name: "forward https to web server"
    dst: "192.168.1.10"
    port: 443
    protocol: "tcp"
```