authorTim Meusel <tim@bastelfreak.de>2017-09-18 15:23:36 +0200
committerTim Meusel <tim@bastelfreak.de>2018-03-15 17:06:08 +0100
commit2d355a4c1baadc761d6b12645d0274da8866f722 (patch)
treee6d1a78f9719397ed9ce9144bf4706a3ccd46c48 /templates
downloadpuppet-ferm-2d355a4c1baadc761d6b12645d0274da8866f722.tar.gz
puppet-ferm-2d355a4c1baadc761d6b12645d0274da8866f722.tar.bz2
initial commit
Diffstat (limited to 'templates')
-rw-r--r--templates/ferm.conf.epp16
-rw-r--r--templates/ferm_chain_header.conf.epp8
-rw-r--r--templates/ferm_header.conf.epp8
3 files changed, 32 insertions, 0 deletions
diff --git a/templates/ferm.conf.epp b/templates/ferm.conf.epp
new file mode 100644
index 0000000..42a44be
--- /dev/null
+++ b/templates/ferm.conf.epp
@@ -0,0 +1,16 @@
+# End custom section
+
+domain (ip ip6) table filter {
+ chain INPUT {
+ interface lo ACCEPT;
+ @include '/etc/ferm.d/chains/INPUT.conf';
+ }
+
+ chain OUTPUT {
+ @include '/etc/ferm.d/chains/OUTPUT.conf';
+ }
+
+ chain FORWARD {
+ @include '/etc/ferm.d/chains/FORWARD.conf';
+ }
+}
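Review bot: The loopback exception is added only to INPUT (`interface lo ACCEPT;`), so a host whose OUTPUT policy is DROP would block new local connections over lo; OUTPUT probably wants the matching `outerface lo ACCEPT;` ahead of its include. Each chain's default policy and state rules also appear to come solely from the three files under /etc/ferm.d/chains/, so a comment such as `# policy and state rules are set in the included chain file; it must exist before ferm is reloaded` would document that dependency. Whether the manifest creates those files before this one is rendered and ferm is reloaded is not visible in this diff.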
diff --git a/templates/ferm_chain_header.conf.epp b/templates/ferm_chain_header.conf.epp
new file mode 100644
index 0000000..b8c444c
--- /dev/null
+++ b/templates/ferm_chain_header.conf.epp
@@ -0,0 +1,8 @@
+<%- | Ferm::Policies $policy,
+| -%>
+# Default policy for this chain
+policy <%= $policy %>;
+
+# connection tracking
+mod state state INVALID DROP;
+mod state state (ESTABLISHED RELATED) ACCEPT;
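Review bot: `mod state state` uses the legacy iptables state match; the conntrack match is its replacement, i.e. `mod conntrack ctstate INVALID DROP;` and `mod conntrack ctstate (ESTABLISHED RELATED) ACCEPT;`. This header is presumably rendered for every chain, so the RELATED accept would also apply to FORWARD, where it admits whatever loaded conntrack helpers mark as related; a short comment saying so would help whoever tightens the ruleset later. The `<%= $policy %>` interpolation is only as safe as the `Ferm::Policies` type, which is defined outside this diff and should be a closed enum of policy names.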
diff --git a/templates/ferm_header.conf.epp b/templates/ferm_header.conf.epp
new file mode 100644
index 0000000..66922d7
--- /dev/null
+++ b/templates/ferm_header.conf.epp
@@ -0,0 +1,8 @@
+# Currently managed by Puppet
+# Author: Tim Meusel <tim@bastelfreak.de>
+#
+
+# get all ip definitions
+@include '/etc/ferm.d/definitions/';
+
+# Begin custom section
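Review bot: `@include '/etc/ferm.d/definitions/';` pulls in a whole directory rather than a named file, so any file that lands there, including ones Puppet did not create, becomes part of the ruleset. The directory should be root-owned, not writable by other users, and purged of unmanaged files by the manifest, which this diff does not show. A comment above the include, e.g. `# every file in this directory is parsed; keep it Puppet-managed and purged`, would make that dependency explicit.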