ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 14:23:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge pull request #105 from siemens/siemens/feat/reverse_path_filtering_3_3_7

Browse source 
Adding missing lines to usr: sysctl.d/50-default.conf
This commit is contained in:
uk-bolly 2024-01-18 13:15:28 +00:00 committed by GitHub
commit 068c45f509
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
tasks/post.yml
View file

@ -26,6 +26,19 @@
- not system_is_container
- "'procps-ng' in ansible_facts.packages"
- name: POST | Update usr sysctl
ansible.builtin.lineinfile:
dest: /usr/lib/sysctl.d/50-default.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: '^net.ipv4.conf.default.rp_filter', line: 'net.ipv4.conf.default.rp_filter = 1' }
- { regexp: '^net.ipv4.conf.*.rp_filter', line: 'net.ipv4.conf.*.rp_filter = 1' }
when:
- rhel9cis_sysctl_update
- not system_is_container
- "'procps-ng' in ansible_facts.packages"
- name: Flush handlers
ansible.builtin.meta: flush_handlers