- name: Enable net.ipv4.tcp_syncookies
  sysctl:
    name: net.ipv4.tcp_syncookies
    value: '1'
    sysctl_set: yes
    state: present
    reload: yes
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)
    

- name: net.ipv4.conf.all.rp_filter   
  sysctl:
    name: net.ipv4.conf.all.rp_filter
    value: '1'
    sysctl_set: yes
    state: present
    reload: yes
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)
    
- name: Enable net.ipv4.tcp_max_syn_backlog 
  sysctl:
    name: net.ipv4.tcp_max_syn_backlog
    value: '1024'
    sysctl_set: yes
    state: present
    reload: yes
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)
    
- name: Enable net.ipv4.tcp_synack_retries   
  sysctl:
    name: net.ipv4.tcp_synack_retries
    value: '3'
    sysctl_set: yes
    state: present
    reload: yes
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)