Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F27596983
D4100.id10733.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D4100.id10733.diff
View Options
diff --git a/roles/core/pf/config.sls b/roles/core/pf/config.sls
--- a/roles/core/pf/config.sls
+++ b/roles/core/pf/config.sls
@@ -11,17 +11,25 @@
# Main configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
/etc/pf.conf:
file.managed:
- source: salt://roles/core/pf/files/pf.conf
- - template: jinja
- - context:
- public_ipv4_interface: {{ network["public_ipv4_interface"] }}
+
# -------------------------------------------------------------
# Tables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/etc/pf.conf.d/tables.conf:
+ file.managed:
+ - source: salt://roles/core/pf/files/tables.conf
+ - makedirs: True
+ - template: jinja
+ - context:
+ public_ipv4_interface: {{ network["public_ipv4_interface"] }}
+
/etc/pf:
file.directory
diff --git a/roles/core/pf/files/pf.conf b/roles/core/pf/files/pf.conf
--- a/roles/core/pf/files/pf.conf
+++ b/roles/core/pf/files/pf.conf
@@ -1,5 +1,5 @@
# -------------------------------------------------------------
-# pf
+# pf - main configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
@@ -13,12 +13,4 @@
# and will be lost if the state is redeployed.
# </auto-generated>
-# -------------------------------------------------------------
-# Tables
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-{% if public_ipv4_interface %}
-table <badhosts> persist file "/etc/pf/badhosts"
-block on {{ public_ipv4_interface }} from <badhosts> to any
-{%- else %}
-# Disabled table: /etc/pf/badhosts - no public IPv4 interface to attach
-{%- endif %}
+include "/etc/pf.conf.d/tables.conf"
diff --git a/roles/core/pf/files/pf.conf b/roles/core/pf/files/tables.conf
copy from roles/core/pf/files/pf.conf
copy to roles/core/pf/files/tables.conf
--- a/roles/core/pf/files/pf.conf
+++ b/roles/core/pf/files/tables.conf
@@ -1,9 +1,9 @@
# -------------------------------------------------------------
-# pf
+# pf - Tables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
-# Source file: roles/core/pf/files/pf.conf
+# Source file: roles/core/pf/files/tables.conf
# -------------------------------------------------------------
#
# <auto-generated>
@@ -13,12 +13,8 @@
# and will be lost if the state is redeployed.
# </auto-generated>
-# -------------------------------------------------------------
-# Tables
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% if public_ipv4_interface %}
table <badhosts> persist file "/etc/pf/badhosts"
-block on {{ public_ipv4_interface }} from <badhosts> to any
{%- else %}
# Disabled table: /etc/pf/badhosts - no public IPv4 interface to attach
{%- endif %}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Wed, May 6, 18:32 (21 h, 38 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3691251
Default Alt Text
D4100.id10733.diff (2 KB)
Attached To
Mode
D4100: Move PF tables to /etc/pf.conf.d/tables.conf
Attached
Detach File
Event Timeline
Log In to Comment