From 9bf06cc90e4ba965ff26c5ddcbfb3cfe68878c68 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sat, 29 Oct 2022 19:07:55 -0400 Subject: [PATCH] Fix firewall role. pflog was creating /-i as a file because the logfile was undefined. --- ansible/playbook.yaml | 2 +- ansible/roles/firewall/tasks/freebsd.yaml | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml index c974635..d6bbd97 100644 --- a/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -10,7 +10,7 @@ - network - sshd - base - # - firewall + - firewall - cpu - ntp - build diff --git a/ansible/roles/firewall/tasks/freebsd.yaml b/ansible/roles/firewall/tasks/freebsd.yaml index 24406a4..3c1e779 100644 --- a/ansible/roles/firewall/tasks/freebsd.yaml +++ b/ansible/roles/firewall/tasks/freebsd.yaml @@ -67,3 +67,11 @@ value: "{{ item.dev }}" path: /etc/rc.conf.d/pflog loop: "{{ pflog_conf }}" + +- name: Set pflog logfile names + notify: restart pflog + community.general.sysrc: + name: "pflog_{{item.name}}_logfile" + value: "{{ item.logfile|default('/var/log/' + item.dev) }}" + path: /etc/rc.conf.d/pflog + loop: "{{ pflog_conf }}"