help (initial)

misc/bozos_portfwd.yml

@@ -0,0 +1,43 @@
+---
+## Hacks Bozos WiFi's Ubiquiti ONT to allow for port forwarding.
+
+- hosts: all
+  gather_facts: yes
+  become: yes
+
+  tasks:
+    - name: Check if the procedure has already been done before
+      stat:
+        path: /tmp/bozos.own3d
+      register: stat_result
+
+    - name: Kill wifiman process to prevent UISP contact (until this procedure runs again)
+      ansible.builtin.shell: killall wifiman
+      when: not stat_result.stat.exists
+
+    - name: Tell iptables to not drop any forward route packets, rather accept them
+      ansible.builtin.shell: iptables -D FORWARD -i veip0.1 -j DROP && iptables -A FORWARD -i veip0.1 -j ACCEPT
+      when: not stat_result.stat.exists
+
+    - name: Run more iptable rule cleanup
+      ansible.builtin.shell: iptables -D PORT_FW -j RETURN && iptables -D FORWARD -i veip0.1 -j PORT_FW
+      when: not stat_result.stat.exists
+
+    ## Here goes the bullshit!
+
+    - name: Load Port Forwarding Table CSV
+      read_csv:
+        path: 'bozos_forwards.csv'
+        fieldnames: localport, remoteport
+        delimiter: ','
+      register: csv_output
+      delegate: localhost ## Wtf does this do?
+
+    - name: Add port forwarding rules for each CSV entry
+      debug:
+        msg: "{{ rule }}"
+      ## loop: "{{ csv_output.list }}"
+      loop: "iptables -t nat -A PREROUTING -p tcp -i veip0.1 --dport {{ rule.remoteport }} -j DNAT --to-destination 192.168.9.11:{{ rule.localport }}"
+      loop_control:
+        extended: yes
+        label: "{{ ansible_loop.index0 }}"