From 3117ba0822e5472b9aa2a3e6e6ef4c43ea4c6565 Mon Sep 17 00:00:00 2001
From: Thore Bödecker <me@foxxx0.de>
Date: Fri, 13 Sep 2019 12:15:19 +0200
Subject: fix kernel incompatibilities

Certain kernel modules and thus iptables functionality was introduced at
later releases, so we need to properly reflect that in our default chain
initialization procedure.

`INPUT` chain for `nat` table was introduced with 2.6.36

`ip6table_nat` kernel module for NAT functionality with IPv6 was
introduced with 3.17

This commit implements the required conditional constraints and includes
the rspec tests to validate it.
---
 REFERENCE.md | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'REFERENCE.md')

diff --git a/REFERENCE.md b/REFERENCE.md
index 3225969..5ab5f0b 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -263,6 +263,15 @@ Allowed values: (filter|raw|mangle|nat) (see Ferm::Tables type)
 
 Default value: 'filter'
 
+##### `ip_versions`
+
+Data type: `Array[Enum['ip','ip6']]`
+
+Set list of versions of ip we want ot use.
+Default value: $ferm::ip_versions
+
+Default value: $ferm::ip_versions
+
 ### ferm::rule
 
 This defined resource manages a single rule in a specific chain
-- 
cgit v1.2.3