diff options
| author | Tim Meusel <tim@bastelfreak.de> | 2021-07-16 19:31:42 +0200 |
|---|---|---|
| committer | Tim Meusel <tim@bastelfreak.de> | 2021-07-16 20:04:33 +0200 |
| commit | e13e6c1ae0e1848051892d0306030a528b01524a (patch) | |
| tree | 4c99f442b4373ce4e299e2efcf6da1612a4b8c2e /REFERENCE.md | |
| parent | e44c8acf0cca889307db0d745ee72cc0b2574dca (diff) | |
| download | puppet-ferm-e13e6c1ae0e1848051892d0306030a528b01524a.tar.gz puppet-ferm-e13e6c1ae0e1848051892d0306030a528b01524a.tar.bz2 | |
delete legacy `policy` param in ferm::rule
Diffstat (limited to 'REFERENCE.md')
| -rw-r--r-- | REFERENCE.md | 22 |
1 files changed, 4 insertions, 18 deletions
diff --git a/REFERENCE.md b/REFERENCE.md index bc2fe1d..6db3b49 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -487,7 +487,7 @@ ferm::rule{'allow-ssh-localhost': ```puppet ferm::rule{'drop-icmp-time-exceeded': chain => 'OUTPUT', - policy => 'DROP', + action => 'DROP', proto => 'icmp', proto_options => 'icmp-type time-exceeded', } @@ -498,7 +498,7 @@ ferm::rule{'drop-icmp-time-exceeded': ```puppet ferm::rule{'allow_consul': chain => 'INPUT', - policy => 'ACCEPT', + action => 'ACCEPT', proto => ['udp', 'tcp'], dport => 8301, } @@ -512,7 +512,6 @@ The following parameters are available in the `ferm::rule` defined type: * [`proto`](#proto) * [`comment`](#comment) * [`action`](#action) -* [`policy`](#policy) * [`dport`](#dport) * [`sport`](#sport) * [`saddr`](#saddr) @@ -544,24 +543,11 @@ Default value: `$name` ##### <a name="action"></a>`action` -Data type: `Optional[Ferm::Actions]` - -Configure what we want to do with the packet (drop/accept/reject, can also be a target chain name) -Default value: undef -Allowed values: (RETURN|ACCEPT|DROP|REJECT|NOTRACK|LOG|MARK|DNAT|SNAT|MASQUERADE|REDIRECT|String[1]) - -Default value: ``undef`` - -##### <a name="policy"></a>`policy` - -Data type: `Optional[Ferm::Policies]` +Data type: `Ferm::Actions` -Configure what we want to do with the packet (drop/accept/reject, can also be a target chain name) [DEPRECATED] -Default value: undef +Configure what we want to do with the packet (drop/accept/reject, can also be a target chain name). The parameter is mandatory. Allowed values: (RETURN|ACCEPT|DROP|REJECT|NOTRACK|LOG|MARK|DNAT|SNAT|MASQUERADE|REDIRECT|String[1]) -Default value: ``undef`` - ##### <a name="dport"></a>`dport` Data type: `Optional[Ferm::Port]` |