ansible/roles/nftables_router/templates/nftables.d/10-vars.conf.j2
Jeltz 592d3a630a
Some checks failed
continuous-integration/drone/push Build is failing
Create role for nftables router
2021-03-10 03:17:35 +01:00

55 lines
1.3 KiB
Django/Jinja

{{ ansible_managed | comment }}
## Interconnexion
# Réseaux d'interconnexion
define interco_v4 = { 192.168.0.0/31, 192.168.0.2/31, 10.129.0.0/16 }
define interco_v6 = { 2a09:6840:129::0/48 }
## Administration
# Réseaux d'administration
define adm_v4 = { 10.128.0.0/16, 10.133.0.0/16 }
define adm_v6 = { 2a09:6840:128::0/48, 2a09:6840:133::0/48 }
# Serveurs de centralisation des journaux
define syslog_adm_v4 = { 10.128.0.51 }
define syslog_adm_v6 = { 2a09:6840:128::251 }
# Adresses des bastions autorisés
define bastion_v4 = { 10.128.0.224, 10.133.0.250 }
define bastion_v6 = { 2a09:6840:133::250 }
## Services
# Réseaux de services privés
define svc_v4 = { 10.132.0.0/16 }
define svc_v6 = { 2a09:6840:132::0/48 }
## Adhérents
# Réseaux des adhérents
define member_v4 = { 10.50.0.0/16 }
define member_v6 = { 2a09:6840:50::0/48 }
# Sous-réseau d'inscription des adhérents
define signup_v4 = { 10.50.0.0/16 }
define signup_v6 = { 2a09:6840:50::0/48 }
# Hôtes déclencheurs d'accès à Internet pour inscription
define signup_trigger_v4 = { 1.1.1.1 }
define signup_trigger_v6 = { 2606:4700:4700::1111 }
## NAT
# Interface sur laquelle appliquer le NAT
define wan_iface = "ens18"
define member_priv_v4 = { 10.50.0.0/16 }
define member_nat_v4 = 92.222.211.198
define any_nat_v4 = 92.222.211.198