From e6090b8245057f34eca354a5c4693a147814d5b2 Mon Sep 17 00:00:00 2001
From: Evgeniy Ivanov <e601809@gmail.com>
Date: Sun, 21 Aug 2016 12:51:58 +0300
Subject: [PATCH] forwarding #61

---
 roles/common/tasks/main.yml   | 11 ++++++++++-
 roles/security/tasks/main.yml |  6 ------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index b1e397a..f96a4b3 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -70,4 +70,13 @@
   notify:
     - restart loopback
     
-- meta: flush_handlers    
+- meta: flush_handlers
+
+- name: Enable packet forwarding for IPv4
+  sysctl: name="{{ item }}" value=1
+  with_items:
+    - net.ipv4.ip_forward
+    - net.ipv4.conf.all.forwarding
+
+- name: Enable packet forwarding for IPv6
+  sysctl: name=net.ipv6.conf.all.forwarding value=1
diff --git a/roles/security/tasks/main.yml b/roles/security/tasks/main.yml
index 1ef078a..fdd4818 100644
--- a/roles/security/tasks/main.yml
+++ b/roles/security/tasks/main.yml
@@ -90,12 +90,6 @@
   notify:
     - flush routing cache
 
-- name: Enable packet forwarding for IPv4
-  sysctl: name=net.ipv4.ip_forward value=1
-
-- name: Enable packet forwarding for IPv6
-  sysctl: name=net.ipv6.conf.all.forwarding value=1
-
 - name: Do not send ICMP redirects (we are not a router)
   sysctl: name=net.ipv4.conf.all.send_redirects value=0