I know the official validate command is pfctl -nf, but if you do so, you need to register the result of this task, then make one more conditional task to apply. This doubles your playbook execution time, which is not acceptable for me.
-- Cordialement, Pierre BARDOU -----Message d'origine----- De : owner-t...@openbsd.org [mailto:owner-t...@openbsd.org] De la part de Landry Breuil Envoyé : mardi 22 novembre 2016 14:53 À : tech@openbsd.org Objet : Re: reloading pf through ansible easy hook On Tue, Nov 22, 2016 at 11:15:01AM +0000, BARDOU Pierre wrote: > Hello, > > - name: "Loading pf.conf" > template: src=pf.conf dest=/etc/ validate="pfctl -f %s" Fwiw, i find it nicer to validate with 'pfctl -nf' .. Landry
