4 files changed, 29 insertions, 0 deletions

diff --git a/roles/configure_iptables/templates/ip6tables.rules b/roles/configure_iptables/templates/ip6tables.rules
index 5667a83..3b3bd03 100644
--- a/roles/configure_iptables/templates/ip6tables.rules
+++ b/roles/configure_iptables/templates/ip6tables.rules
@@ -35,6 +35,8 @@ COMMIT
 -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
 # munin
 -A INPUT -p tcp -m tcp --dport 4949 -j ACCEPT
+# iperf3
+-A INPUT -p tcp -m tcp -s 2a03:2260:1016::/48 --dport 5201 -j ACCEPT
 
 {% if 'fastd' in group_names %}
 # dns
diff --git a/roles/configure_iptables/templates/iptables.rules b/roles/configure_iptables/templates/iptables.rules
index c568e4e..5fbe272 100644
--- a/roles/configure_iptables/templates/iptables.rules
+++ b/roles/configure_iptables/templates/iptables.rules
@@ -33,6 +33,8 @@ COMMIT
 -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
 # nginx
 -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+# iperf3
+-A INPUT -p tcp -m tcp -s 10.222.0.0/16 --dport 5201 -j ACCEPT
 
 {% if 'fastd' in group_names %}
 # dns
diff --git a/roles/install_iperf3/files/iperf3-tcp.service b/roles/install_iperf3/files/iperf3-tcp.service
new file mode 100644
index 0000000..b35a534
--- /dev/null
+++ b/roles/install_iperf3/files/iperf3-tcp.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Iperf3 TCP Server
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/iperf3 -s -V
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/install_iperf3/tasks/main.yml b/roles/install_iperf3/tasks/main.yml
new file mode 100644
index 0000000..a7e5df6
--- /dev/null
+++ b/roles/install_iperf3/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+- name: install iperf3
+  pacman:
+      name: iperf3
+      state: present
+
+- name: copy iperf3 systemd-service
+  copy:
+      src: iperf3-tcp.service
+      dest: /etc/systemd/system/iperf3-tcp.service
+
+- name: start and enable iperf3 tcp
+  systemd:
+      name: iperf3-tcp.service
+      enabled: yes
+      state: started