NAME
gyptazy - it's all about FreeBSD, Proxmox, BGP and Coding!

OPTIONS

CONTENT

Ansible Packet Filter Module for BSD Systems

():
My new module pf (packet filter) allows managing the BSD’s packet filter (pf – as a firewall) which is compatible with FreeBSD, OpenBSD etc. When running in dry_run mode a generated rule set file will be validated and printed within Ansible’s meta output (json). Rulesets can be loaded by filters (e.g. filter, options or nat) and tested in dry_run mode. Next to this, basic service management can be done by this module for starting, stopping and restarting pf. 
- name: Test a rule set
  pf:
    action: reload
    config: /etc/pf.conf
    dry_run: True

- name: Load only NAT rules set
  pf:
    action: reload
    config: /etc/pf.conf
    filter: nat

- name: Flush PF rules
  pf:
    action: reload
    config: /etc/pf.conf

- name: Start PF
  pf:
    action: restart
    config: /etc/pf.conf
Resources:
Initial upload: initial upload of pf (packet filter)
PR: PR#5857