Merge pull request #55 from bastelfreak/chains

allow preserving of chains in tables
author: Tim Meusel <tim@bastelfreak.de> 2019-09-02 12:40:55 +0200
committer: GitHub <noreply@github.com> 2019-09-02 12:40:55 +0200
commit: c6540af81cdf3b1bea85bbf3d8f8aa07eef10bcd (patch)
tree: df30502ab574dd029636662f8bf4b06bbe182b07 /templates/ferm.conf.epp
parent: ba10de286c634715931103031ad3bf20ce56ca14 (diff)
parent: 859f8ba5cb553d66c9dcdbc232d17a0b641624df (diff)
download: puppet-ferm-c6540af81cdf3b1bea85bbf3d8f8aa07eef10bcd.tar.gz
puppet-ferm-c6540af81cdf3b1bea85bbf3d8f8aa07eef10bcd.tar.bz2
1 files changed, 9 insertions, 0 deletions
diff --git a/templates/ferm.conf.epp b/templates/ferm.conf.epp
index b3aa0ce..0245a70 100644
--- a/templates/ferm.conf.epp
+++ b/templates/ferm.conf.epp
@@ -1,8 +1,17 @@
 <%- | String[1] $ip,
 Stdlib::Absolutepath $configdirectory,
+Hash[String[1], Array[String[1]]] $preserve_chains_in_tables,
 | -%>
 # End custom section
 
+<%- $preserve_chains_in_tables.each |$table, $chains| { -%>
+domain (<%= $ip %>) table <%= $table %> {
+  <%- $chains.each |$chain| { -%>
+  chain <%= $chain %> @preserve;
+  <%- } -%>
+}
+<%- } -%>
+
 domain (<%= $ip %>) table filter {
   chain INPUT {
     interface lo ACCEPT;
author	Tim Meusel <tim@bastelfreak.de>	2019-09-02 12:40:55 +0200
committer	GitHub <noreply@github.com>	2019-09-02 12:40:55 +0200
commit	c6540af81cdf3b1bea85bbf3d8f8aa07eef10bcd (patch)
tree	df30502ab574dd029636662f8bf4b06bbe182b07 /templates/ferm.conf.epp
parent	ba10de286c634715931103031ad3bf20ce56ca14 (diff)
parent	859f8ba5cb553d66c9dcdbc232d17a0b641624df (diff)
download	puppet-ferm-c6540af81cdf3b1bea85bbf3d8f8aa07eef10bcd.tar.gz puppet-ferm-c6540af81cdf3b1bea85bbf3d8f8aa07eef10bcd.tar.bz2