Diffstat (limited to 'REFERENCE.md')
-rw-r--r-- REFERENCE.md 44
1 files changed, 36 insertions, 8 deletions
diff --git a/REFERENCE.md b/REFERENCE.md
index 44d7034..39ba310 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -7,7 +7,7 @@
_Public Classes_
-* [`ferm`](#ferm): Class: ferm This class manages ferm installation and rule generation on modern linux systems class{'ferm': manage_service => true, ip_v
+* [`ferm`](#ferm): This class manages ferm installation and rule generation on modern linux systems
_Private Classes_
@@ -31,19 +31,38 @@ _Private Classes_
Class: ferm
-This class manages ferm installation and rule generation on modern linux systems
+#### Examples
-class{'ferm':
- manage_service => true,
- ip_versions => ['ip6'],
-}
+##### deploy ferm without any configured rules, but also don't start the service or modify existing config files
-#### Examples
+```puppet
+include ferm
+```
-##### deploy ferm and start it, on node with only ipv6 enabled
+##### deploy ferm and start it, on nodes with only ipv6 enabled
```puppet
+class{'ferm':
+ manage_service => true,
+ ip_versions => ['ip6'],
+}
+```
+##### deploy ferm and don't touch chains from other software, like fail2ban and docker
+
+```puppet
+class{'ferm':
+ manage_service => true,
+ preserve_chains_in_tables => {
+ 'filter' => [
+ 'f2b-sshd',
+ 'DOCKER',
+ 'DOCKER-ISOLATION-STAGE-1',
+ 'DOCKER-ISOLATION-STAGE-2',
+ 'DOCKER-USER',
+ ]
+ }
+}
```
#### Parameters
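Review bot: the fail2ban/docker example lists chains only under `'filter'`, while its heading promises that chains from that software are not touched. The parameter takes one chain list per table, so chains those tools keep in other tables are not covered by this example; Docker, for instance, also maintains a `DOCKER` chain in `nat`. Either add the other tables to the example or narrow the heading to say it covers the filter table. `f2b-sshd` is the chain of one specific jail, so a short remark that the name follows the configured jails would keep readers from copying it blindly. Minor: there is no blank line between the closing fence of the ipv6 example and the new `##### deploy ferm and don't touch chains ...` heading.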
@@ -161,6 +180,15 @@ Data type: `Array[Enum['ip','ip6']]`
Set list of versions of ip we want ot use.
Default value: ['ip', 'ip6']
+##### `preserve_chains_in_tables`
+
+Data type: `Hash[String[1],Array[String[1]]]`
+
+Hash with table:chains[] to use ferm @preserve for
+Default value: Empty Hash
+Allowed values: Hash with a list of tables and chains in it to preserve
+Example: {'nat' => ['PREROUTING', 'POSTROUTING']}
+
## Defined types
### ferm::chain
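Review bot: in the new `preserve_chains_in_tables` entry, `Hash[String[1],Array[String[1]]]` accepts any non-empty string as a table name, so a misspelled table passes type validation; consider restricting the key with an `Enum` of the supported tables, the way `ip_versions` just above uses `Enum['ip','ip6']`. The description, "Default value", "Allowed values" and "Example" lines have no blank lines between them, so Markdown will run them together into one paragraph, and "Default value: Empty Hash" would match the neighbouring entry better as `{}`. One sentence on what ferm's @preserve does to the listed chains would also help, since the text only names the directive.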