diff options
author | Aaron LI <aly@aaronly.me> | 2018-03-08 21:54:50 +0800 |
---|---|---|
committer | Aaron LI <aly@aaronly.me> | 2018-03-14 11:35:08 +0800 |
commit | 7fed657b7728d36a8635695afc147ebd5dda0830 (patch) | |
tree | 8e6c7711ec7106a4ba0b181f368c6d5cbec6de79 /roles | |
parent | f5b1f531b5544a1d335f75d057620ce0db92ffef (diff) | |
download | ansible-dfly-vps-7fed657b7728d36a8635695afc147ebd5dda0830.tar.bz2 |
security: restart syslogd and reload pf
Diffstat (limited to 'roles')
-rw-r--r-- | roles/security/handlers/main.yml | 3 | ||||
-rw-r--r-- | roles/security/tasks/main.yml | 2 |
2 files changed, 5 insertions, 0 deletions
diff --git a/roles/security/handlers/main.yml b/roles/security/handlers/main.yml index e63d093..d4926b7 100644 --- a/roles/security/handlers/main.yml +++ b/roles/security/handlers/main.yml @@ -1,3 +1,6 @@ --- +- name: restart-syslogd + command: rcrestart syslogd + - name: reload-pf command: rcreload pf diff --git a/roles/security/tasks/main.yml b/roles/security/tasks/main.yml index 0a7ef0f..08780a5 100644 --- a/roles/security/tasks/main.yml +++ b/roles/security/tasks/main.yml @@ -4,6 +4,7 @@ src: pf.conf.j2 dest: /etc/pf.conf validate: "pfctl -nf %s" + notify: reload-pf - name: firewall - enable PF command: rcenable pf @@ -18,6 +19,7 @@ block: | # Block SSH auth failures using "sshlockout" and "pf" auth.info;authpriv.info |exec /usr/sbin/sshlockout -pf bruteforce + notify: restart-syslogd - name: periodic - copy clean-pf script copy: |