Diffstat (limited to 'manifests/config.pp')
-rw-r--r--manifests/config.pp29
1 files changed, 29 insertions, 0 deletions
diff --git a/manifests/config.pp b/manifests/config.pp
index 25607ad..efabe2b 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -57,4 +57,33 @@ class ferm::config {
disable_conntrack => $ferm::disable_conntrack,
log_dropped_packets => $ferm::output_log_dropped_packets,
}
+
+ # initialize default tables and chains
+ ['PREROUTING', 'OUTPUT'].each |$raw_chain| {
+ ferm::chain{"raw-${raw_chain}":
+ chain => $raw_chain,
+ policy => 'ACCEPT',
+ disable_conntrack => true,
+ log_dropped_packets => false,
+ table => 'raw',
+ }
+ }
+ ['PREROUTING', 'INPUT', 'OUTPUT', 'POSTROUTING'].each |$nat_chain| {
+ ferm::chain{"nat-${nat_chain}":
+ chain => $nat_chain,
+ policy => 'ACCEPT',
+ disable_conntrack => true,
+ log_dropped_packets => false,
+ table => 'nat',
+ }
+ }
+ ['PREROUTING', 'INPUT', 'FORWARD', 'OUTPUT', 'POSTROUTING'].each |$mangle_chain| {
+ ferm::chain{"mangle-${mangle_chain}":
+ chain => $mangle_chain,
+ policy => 'ACCEPT',
+ disable_conntrack => true,
+ log_dropped_packets => false,
+ table => 'mangle',
+ }
+ }
}
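Review bot: The three added loops declare every raw, nat and mangle chain unconditionally and hard-code `disable_conntrack => true` and `log_dropped_packets => false`, while the chain in the context lines just above takes both values from `$ferm::` parameters; nothing in the hunk says why these tables are treated differently. If the intent is what it appears to be, a comment above the first loop such as `# raw/nat/mangle only carry their default ACCEPT policy; conntrack and drop-logging rules stay in the filter chains` would record it. Because no parameter guards the declarations, a node that already declares a `ferm::chain` with a title like `nat-PREROUTING` would presumably fail with a duplicate declaration. If ferm rewrites every table named in its configuration, rules that other software on the host keeps in nat or mangle could also be lost on reload, so both cases are worth checking before release. The body of `ferm::config` starts outside the hunk.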