use dedicated conntrack parameters

1 files changed, 6 insertions, 2 deletions

diff --git a/manifests/init.pp b/manifests/init.pp
index ecaa391..4c69452 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -32,7 +32,9 @@
 # @param manage_initfile Disable/Enable the management of the ferm init script for RedHat-based OS
 # @param configfile Path to the config file
 # @param configdirectory Path to the directory where the module stores ferm configuration files
-# @param disable_conntrack Disable/Enable the generation of conntrack rules
+# @param forward_disable_conntrack Enable/Disable the generation of conntrack rules for the FORWARD chain
+# @param output_disable_conntrack Enable/Disable the generation of conntrack rules for the OUTPUT chain
+# @param input_disable_conntrack Enable/Disable the generation of conntrack rules for the INPUT chain
 # @param forward_policy Default policy for the FORWARD chain
 # @param output_policy Default policy for the OUTPUT chain
 # @param input_policy Default policy for the INPUT chain
@@ -50,7 +52,9 @@ class ferm (
   Boolean $manage_service = false,
   Boolean $manage_configfile = false,
   Boolean $manage_initfile = false,
-  Boolean $disable_conntrack = false,
+  Boolean $forward_disable_conntrack = true,
+  Boolean $output_disable_conntrack = true,
+  Boolean $input_disable_conntrack = false,
   Ferm::Policies $forward_policy = 'DROP',
   Ferm::Policies $output_policy = 'ACCEPT',
   Ferm::Policies $input_policy = 'DROP',