---
- name: Setup NAT
  ansible.builtin.iptables:
    chain: POSTROUTING
    table: nat
    source: "{{ internal_network }}"
    jump: MASQUERADE

- ansible.posix.sysctl:
    name: kernel.panic
    value: '1'
    sysctl_file: /etc/sysctl.conf

- ansible.posix.sysctl:
    name: net.ipv4.ip_forward
    value: '1'
    sysctl_set: true
    state: present
    reload: true

- ansible.posix.sysctl:
    name: net.ipv6.conf.all.forwarding
    value: '1'
    sysctl_set: true
    state: present
    reload: true

- ansible.posix.sysctl:
    name: net.ipv6.conf.ens19.proxy_ndp
    value: '1'
    sysctl_set: true
    state: present
    reload: true

- name: saveip6tables
  shell: ip6tables-save > /etc/iptables/rules.v6

- name: saveip4tables
  shell: iptables-save > /etc/iptables/rules.v4

- name: Create Routing Table 42
  ansible.builtin.lineinfile:
    path: /etc/iproute2/rt_tables
    line: 42 ffrl
    create: yes

- name: Generate NDPPD Config
  ansible.builtin.template:
    src: ndppd.conf.j2
    dest: /etc/ndppd.conf
    owner: root
    group: root
    mode: 755

- name: Install all Packages for VPN Servers
  ansible.builtin.apt: 
    name: 
      - libndp0
      - libndp-tools
      - ndppd
      - iptables-persistent
    state: latest
    update_cache: yes