enhance puppet-strings documentation

author: Tim Meusel <tim@bastelfreak.de> 2019-09-13 10:36:20 +0200
committer: Tim Meusel <tim@bastelfreak.de> 2019-09-13 10:36:20 +0200
commit: beb7c4247272569918aa0ed85ee5a95653f2b46f (patch)
tree: acb4d3a8ac059b7c02ff80aece8305d758319561 /REFERENCE.md
parent: 2455de32311040de0d608d8cc151aa6395700e8f (diff)
download: puppet-ferm-beb7c4247272569918aa0ed85ee5a95653f2b46f.tar.gz
puppet-ferm-beb7c4247272569918aa0ed85ee5a95653f2b46f.tar.bz2
1 files changed, 22 insertions, 0 deletions
diff --git a/REFERENCE.md b/REFERENCE.md
index 62a5d3b..3225969 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -292,6 +292,28 @@ ferm::rule{'allow-ssh-localhost':
 }
 ```
 
+##### Confuse people that do a traceroute/mtr/ping to your system
+
+```puppet
+ferm::rule{'drop-icmp-time-exceeded':
+  chain         => 'OUTPUT',
+  policy        => 'DROP',
+  proto         => 'icmp',
+  proto_options => 'icmp-type time-exceeded',
+}
+```
+
+##### allow multiple protocols
+
+```puppet
+ferm::rule{'allow_consul':
+  chain  => 'INPUT',
+  policy => 'ACCEPT',
+  proto  => ['udp', 'tcp'],
+  dport  => 8301,
+}
+```
+
 #### Parameters
 
 The following parameters are available in the `ferm::rule` defined type.
author	Tim Meusel <tim@bastelfreak.de>	2019-09-13 10:36:20 +0200
committer	Tim Meusel <tim@bastelfreak.de>	2019-09-13 10:36:20 +0200
commit	beb7c4247272569918aa0ed85ee5a95653f2b46f (patch)
tree	acb4d3a8ac059b7c02ff80aece8305d758319561 /REFERENCE.md
parent	2455de32311040de0d608d8cc151aa6395700e8f (diff)
download	puppet-ferm-beb7c4247272569918aa0ed85ee5a95653f2b46f.tar.gz puppet-ferm-beb7c4247272569918aa0ed85ee5a95653f2b46f.tar.bz2