From e30eb9bf875af6ee37c0b54b6dd236c17b2e24df Mon Sep 17 00:00:00 2001 From: jack Date: Mon, 1 Aug 2016 20:09:37 +0300 Subject: [PATCH] change IP ranges #37 --- config.cfg | 3 ++- features.yml | 2 +- templates/ipsec.conf.j2 | 2 +- vpn.yml | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/config.cfg b/config.cfg index 42ba314..a017cd7 100644 --- a/config.cfg +++ b/config.cfg @@ -14,7 +14,8 @@ server_name: example.com server_ip: "{{ ansible_ssh_host }}" dns_servers: - 8.8.8.8 - - 8.8.4.4 + - 8.8.4.4 +vpn_network: 10.19.48.0/24 users: - mr.smith diff --git a/features.yml b/features.yml index 055ff85..b3ea8d0 100644 --- a/features.yml +++ b/features.yml @@ -62,7 +62,7 @@ chain: PREROUTING protocol: udp destination_port: 53 - source: 10.0.0.0/24 + source: "{{ vpn_network }}" jump: DNAT to_destination: 172.16.0.1:53 notify: diff --git a/templates/ipsec.conf.j2 b/templates/ipsec.conf.j2 index 271856b..ab1b56e 100644 --- a/templates/ipsec.conf.j2 +++ b/templates/ipsec.conf.j2 @@ -22,7 +22,7 @@ conn %default right=%any rightauth=pubkey - rightsourceip=10.0.0.0/24 + rightsourceip="{{ vpn_network }"" {% if service_dns is defined and service_dns == "N" %} rightdns={% for host in dns_servers %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %} {% else %} diff --git a/vpn.yml b/vpn.yml index 13e68f4..50b1ed8 100644 --- a/vpn.yml +++ b/vpn.yml @@ -28,7 +28,7 @@ - netfilter-persistent - name: Configure iptables so IPSec traffic can traverse the tunnel - iptables: table=nat chain=POSTROUTING source=10.0.0.0/24 jump=MASQUERADE + iptables: table=nat chain=POSTROUTING source="{{ vpn_network }}" jump=MASQUERADE notify: - save iptables
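Review bot: `vpn_network` is added to config.cfg without a comment, although the other hunks of this commit feed it into the strongSwan address pool (`rightsourceip`) and into two NAT rules. An operator editing it has no hint that it must be a CIDR, or that it should stay clear of the `172.16.0.1` address the DNS redirect targets. I would put a comment directly above it, for example `# CIDR assigned to VPN clients; also used as the source match for the NAT and DNS-redirect rules. Must not overlap the server's own networks or 172.16.0.1.`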
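Review bot: Hosts provisioned before this change would keep the old `source: 10.0.0.0/24` DNAT rule, because this task only ensures a rule for the new range and nothing in the hunk removes the previous one. That assumes the task is the iptables module with its default state; the module line is outside the hunk. The MASQUERADE rule in the vpn.yml hunk has the same gap, so a re-run leaves NAT entries for a range the VPN no longer hands out. I would add a companion task next to each rule with the same arguments but `source: 10.0.0.0/24` and `state: absent`, notifying the same handler so the saved ruleset is cleaned up as well.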
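Review bot: The new `rightsourceip` line in templates/ipsec.conf.j2 closes the expression with `}"` instead of `}}`, so Jinja2 should reject the template with a syntax error and ipsec.conf will not be rendered. If the playbook stops there, a server that already has a config keeps the old `10.0.0.0/24` pool while the firewall hunks switch to the new range, so client traffic would no longer match the NAT and DNS-redirect rules. The surrounding quotes are also not needed, since the neighbouring `right=%any` and `rightauth=pubkey` lines are unquoted. The line should read `rightsourceip={{ vpn_network }}`.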
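Review bot: The MASQUERADE rule in vpn.yml is still written as a single `key=value` argument string, now with a quoted Jinja expression embedded in an unquoted YAML scalar. The features.yml hunk in this same commit already uses the mapping form, where `source: "{{ vpn_network }}"` is quoted at the YAML level and each argument sits on its own line. Converting this task keeps the two rules consistent and makes a later change to the source match easier to review.

```yaml
- name: Configure iptables so IPSec traffic can traverse the tunnel
  iptables:
    table: nat
    chain: POSTROUTING
    source: "{{ vpn_network }}"
    jump: MASQUERADE
  # … unchanged: notify handlers …
```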