diff options
| author | Tim Meusel <tim@bastelfreak.de> | 2019-09-13 10:36:20 +0200 |
|---|---|---|
| committer | Tim Meusel <tim@bastelfreak.de> | 2019-09-13 10:36:20 +0200 |
| commit | beb7c4247272569918aa0ed85ee5a95653f2b46f (patch) | |
| tree | acb4d3a8ac059b7c02ff80aece8305d758319561 /manifests | |
| parent | 2455de32311040de0d608d8cc151aa6395700e8f (diff) | |
| download | puppet-ferm-beb7c4247272569918aa0ed85ee5a95653f2b46f.tar.gz puppet-ferm-beb7c4247272569918aa0ed85ee5a95653f2b46f.tar.bz2 | |
enhance puppet-strings documentation
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/rule.pp | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/manifests/rule.pp b/manifests/rule.pp index a973601..1acbfd1 100644 --- a/manifests/rule.pp +++ b/manifests/rule.pp @@ -17,6 +17,23 @@ # saddr => '127.0.0.1', # } # +# +# @example Confuse people that do a traceroute/mtr/ping to your system +# ferm::rule{'drop-icmp-time-exceeded': +# chain => 'OUTPUT', +# policy => 'DROP', +# proto => 'icmp', +# proto_options => 'icmp-type time-exceeded', +# } +# +# @example allow multiple protocols +# ferm::rule{'allow_consul': +# chain => 'INPUT', +# policy => 'ACCEPT', +# proto => ['udp', 'tcp'], +# dport => 8301, +# } +# # @param chain Configure the chain where we want to add the rule # @param proto Which protocol do we want to match, typically UDP or TCP # @param comment A comment that will be added to the ferm config and to ip{,6}tables |