diff options
Diffstat (limited to 'REFERENCE.md')
| -rw-r--r-- | REFERENCE.md | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/REFERENCE.md b/REFERENCE.md index 4a3283a..ec71f8f 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -160,6 +160,14 @@ Default policy for the INPUT chain Default value: 'DROP' +##### `input_drop_invalid_packets_with_conntrack` + +Data type: `Boolean` + +Enable/Disable the `mod conntrack ctstate INVALID DROP` statement. Only works if `$disable_conntrack` is `false`. You can set this to false if your policy is DROP. This only effects the INPUT chain. + +Default value: `false` + ##### `rules` Data type: `Hash` @@ -247,6 +255,14 @@ Disable/Enable usage of conntrack. By default, we enable conntrack only for the Default value: `true` +##### `drop_invalid_packets_with_conntrack` + +Data type: `Boolean` + +Enable/Disable the `mod conntrack ctstate INVALID DROP` statement. Only works if `$disable_conntrack` is `false` in this chain. You can set this to false if your policy is DROP. + +Default value: `false` + ##### `log_dropped_packets` Data type: `Boolean` |