---
- block:
  - name: Enable kernel binding non local IP addresses
    sysctl: name={{ item }} value=1 reload=yes state=present
    with_items:
      - net.ipv4.ip_nonlocal_bind
    when: haproxy_k_bind_non_local_ip

  - name: Increase the connection tracking table capacity
    sysctl: name={{ item }} value={{ haproxy_sysctl_conntrack_max }} reload=yes state=present
    with_items:
      - net.nf_conntrack_max
    when: iptables_persistent_enabled is defined and iptables_persistent_enabled

  tags: [ 'haproxy', 'haproxy_sysctl' ]

- block:
  - name: Disable kernel binding non local IP addresses
    sysctl: name={{ item }} value=0 reload=yes state=present
    with_items:
      - net.ipv4.ip_nonlocal_bind

  when: not haproxy_k_bind_non_local_ip
  tags: [ 'haproxy', 'haproxy_sysctl' ]