roles/host/tasks/unprivileged-ports.yml


1
2
3
4
5
6
7
8
9
10
11

- name: Set unprivileged ports sysctl parameter in /etc/sysctl.d/50-UnprivilegedPorts.conf
  ansible.builtin.lineinfile:
    path: "/etc/sysctl.d/50-UnprivilegedPorts.conf"
    regexp: "^net.ipv4.ip_unprivileged_port_start="
    line: "net.ipv4.ip_unprivileged_port_start={{ host_unprivileged_ports_start }}"
    create: true
  register: sysctl

- name: Reload sysctl
  ansible.builtin.shell: "sysctl -p /etc/sysctl.d/50-UnprivilegedPorts.conf"
  when: sysctl.changed