From beb7c4247272569918aa0ed85ee5a95653f2b46f Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Fri, 13 Sep 2019 10:36:20 +0200
Subject: enhance puppet-strings documentation

---
 REFERENCE.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'REFERENCE.md')

diff --git a/REFERENCE.md b/REFERENCE.md
index 62a5d3b..3225969 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -292,6 +292,28 @@ ferm::rule{'allow-ssh-localhost':
 }
 ```
 
+##### Confuse people that do a traceroute/mtr/ping to your system
+
+```puppet
+ferm::rule{'drop-icmp-time-exceeded':
+  chain         => 'OUTPUT',
+  policy        => 'DROP',
+  proto         => 'icmp',
+  proto_options => 'icmp-type time-exceeded',
+}
+```
+
+##### allow multiple protocols
+
+```puppet
+ferm::rule{'allow_consul':
+  chain  => 'INPUT',
+  policy => 'ACCEPT',
+  proto  => ['udp', 'tcp'],
+  dport  => 8301,
+}
+```
+
 #### Parameters
 
 The following parameters are available in the `ferm::rule` defined type.
-- 
cgit v1.2.3