Merge ec5073733a into e9ba6977b7

pillar.example

       - nf_conntrack_netbios_ns
 
   sysctl:
+    sysctls:
+      net/ipv4/ip_forward: 1
+      net/ipv6/conf/default/forwarding: 1
+      net/ipv6/conf/all/forwarding: 1
     forwarding: 1
     rp_filter: 1
     accept_source_route: 0

ufw/files/default/ufw.sysctl.tmpl.jinja

 # File managed by Salt at <{{ source }}>.
 # Your changes will be overwritten.
 ########################################################################
+{%- set sysctls = ufw_sysctl.get('sysctls') %}
 {%- set forwarding = ufw_sysctl.get('forwarding', 0) %}
 {%- set rp_filter = ufw_sysctl.get('rp_filter', 1) %}
 {%- set accept_source_route = ufw_sysctl.get('accept_source_route', 0) %}
 # Configuration file for setting network variables. Please note these settings
 # override /etc/sysctl.conf. If you prefer to use /etc/sysctl.conf, please
 # adjust IPT_SYSCTL in /etc/default/ufw.
+{%- if sysctls is not none %}
+{%- for sysctl, value in sysctls.items() %}
+{{ sysctl }}={{ value }}
+{%- endfor %}
+{%- else %}
 
 # Uncomment this to allow this host to route packets between interfaces
 net/ipv4/ip_forward={{ forwarding }}
 # Uncomment this to enable ipv6 privacy addressing
 net/ipv6/conf/default/use_tempaddr={{ use_tempaddr }}
 net/ipv6/conf/all/use_tempaddr={{ use_tempaddr }}
+{% endif %}