Merge pull request #80 from bastelfreak/ipsets

implement ipset support

1 files changed, 13 insertions, 0 deletions

diff --git a/templates/ferm-chain-ipset.epp b/templates/ferm-chain-ipset.epp
new file mode 100644
index 0000000..79aeb5c
--- /dev/null
+++ b/templates/ferm-chain-ipset.epp
@@ -0,0 +1,13 @@
+<%- | String[1] $ip,
+Ferm::Tables $table,
+String[1] $chain,
+Hash[String[1], Ferm::Actions] $sets,
+| -%>
+
+domain (<%= $ip %>) table <%= $table %> {
+    chain <%= $chain %> {
+      <%- $sets.each |$ipset, $action| { -%>
+      mod set set <%= $ipset %> src <%= $action %>;
+      <%- } -%>
+    }
+}