From 5fdd7b138c50f7ad848f7378b489fa0fef254a1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torbj=C3=B6rn=20L=C3=B6nnemark?= <tobbez@ryara.net>
Date: Mon, 16 Jan 2023 23:17:30 +0100
Subject: [PATCH] Ensure IP forwarding is enabled on required interfaces

---
 manifests/system.pp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/manifests/system.pp b/manifests/system.pp
index c0bc708..fa8bce6 100644
--- a/manifests/system.pp
+++ b/manifests/system.pp
@@ -28,6 +28,19 @@ class analysator::system::nat {
     value  => '1',
   }
 
+  [
+    $analysator::system::internal_iface,
+    $analysator::system::public_iface,
+    $analysator::system::ib_iface,
+  ].each |$iface| {
+    ['4', '6'].each |$family| {
+      sysctl { "net.ipv${family}.conf.${iface}.forwarding":
+        ensure => present,
+        value  => '1',
+      }
+    }
+  }
+
   firewall { '200 forward internal':
     chain    => 'FORWARD',
     iniface  => $analysator::system::internal_iface,
-- 
GitLab