<ul>
<li><a href="#overview">Overview</a></li>
+<li><a href="#what-happenend-to-older-releases">What happened to older releases?</a></li>
<li><a href="#setup">Setup</a></li>
<li><a href="#support">Support</a></li>
<li><a href="#reference">Reference</a></li>
software. It allows you to configure the actual software, but also all related
rules.</p>
+<h2>What happened to older releases?</h2>
+
+<p>You maybe wonder what happend to release 1.1.0 and 1.0.0. We had to take them
+down because they contained sensitive information.</p>
+
<h2>Setup</h2>
<p>This is very easy:</p>
<ul>
<li><a href="#overview">Overview</a></li>
+<li><a href="#what-happenend-to-older-releases">What happened to older releases?</a></li>
<li><a href="#setup">Setup</a></li>
<li><a href="#support">Support</a></li>
<li><a href="#reference">Reference</a></li>
software. It allows you to configure the actual software, but also all related
rules.</p>
+<h2>What happened to older releases?</h2>
+
+<p>You maybe wonder what happend to release 1.1.0 and 1.0.0. We had to take them
+down because they contained sensitive information.</p>
+
<h2>Setup</h2>
<p>This is very easy:</p>
</li>
+ <li>
+
+ <span class='name'>disable_conntrack</span>
+
+
+ <span class='type'>(<tt>Boolean</tt>)</span>
+
+
+
+ —
+ <div class='inline'><p>disable/enable the generation of conntrack rules
+Default value: false
+Allowed values: (true|false)</p>
+</div>
+
+ </li>
+
<li>
<span class='name'>forward_policy</span>
<pre class="lines">
-31
-32
-33
34
35
36
52
53
54
-55</pre>
+55
+56
+57
+58
+59</pre>
</td>
<td>
- <pre class="code"><span class="info file"># File 'manifests/init.pp', line 31</span>
+ <pre class="code"><span class="info file"># File 'manifests/init.pp', line 34</span>
class ferm (
Boolean $manage_service,
Boolean $manage_configfile,
Stdlib::Absolutepath $configfile,
+ Boolean $disable_conntrack,
Ferm::Policies $forward_policy,
Ferm::Policies $output_policy,
Ferm::Policies $input_policy,
43
44
45
-46</pre>
+46
+47
+48
+49</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/config.pp', line 3</span>
}
ferm::chain{'INPUT':
- policy => $ferm::input_policy,
+ policy => $ferm::input_policy,
+ disable_conntrack => $ferm::disable_conntrack,
}
ferm::chain{'FORWARD':
- policy => $ferm::forward_policy,
+ policy => $ferm::forward_policy,
+ disable_conntrack => $ferm::disable_conntrack,
}
ferm::chain{'OUTPUT':
- policy => $ferm::output_policy,
+ policy => $ferm::output_policy,
+ disable_conntrack => $ferm::disable_conntrack,
}
}</pre>
</td>
</li>
+ <li>
+
+ <span class='name'>disable_conntrack</span>
+
+
+ <span class='type'>(<tt>Boolean</tt>)</span>
+
+
+
+ —
+ <div class='inline'><p>disable/enable usage of conntrack</p>
+</div>
+
+ </li>
+
<li>
<span class='name'>chain</span>
<pre class="lines">
-4
5
6
7
17
18
19
-20</pre>
+20
+21
+22
+23
+24
+25
+26
+27</pre>
</td>
<td>
- <pre class="code"><span class="info file"># File 'manifests/chain.pp', line 4</span>
+ <pre class="code"><span class="info file"># File 'manifests/chain.pp', line 5</span>
define ferm::chain (
Ferm::Policies $policy,
+ Boolean $disable_conntrack,
Ferm::Chains $chain = $name,
) {
concat::fragment{"${chain}-policy":
target => "/etc/ferm.d/chains/${chain}.conf",
- content => epp("${module_name}/ferm_chain_header.conf.epp", {'policy' => $policy }),
+ content => epp(
+ "${module_name}/ferm_chain_header.conf.epp", {
+ 'policy' => $policy,
+ 'disable_conntrack' => $disable_conntrack,
+ }
+ ),
order => '01',
}
}</pre>
projects / puppet-ferm.git / commitdiff