From 91fa3bcde36896eedade89911df93bbf58b6609b Mon Sep 17 00:00:00 2001 From: Fabien COMBERNOUS Date: Fri, 1 Nov 2019 14:12:30 +0100 Subject: use dedicated conntrack parameters --- manifests/init.pp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'manifests/init.pp') diff --git a/manifests/init.pp b/manifests/init.pp index ecaa391..4c69452 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -32,7 +32,9 @@ # @param manage_initfile Disable/Enable the management of the ferm init script for RedHat-based OS # @param configfile Path to the config file # @param configdirectory Path to the directory where the module stores ferm configuration files -# @param disable_conntrack Disable/Enable the generation of conntrack rules +# @param forward_disable_conntrack Enable/Disable the generation of conntrack rules for the FORWARD chain +# @param output_disable_conntrack Enable/Disable the generation of conntrack rules for the OUTPUT chain +# @param input_disable_conntrack Enable/Disable the generation of conntrack rules for the INPUT chain # @param forward_policy Default policy for the FORWARD chain # @param output_policy Default policy for the OUTPUT chain # @param input_policy Default policy for the INPUT chain @@ -50,7 +52,9 @@ class ferm ( Boolean $manage_service = false, Boolean $manage_configfile = false, Boolean $manage_initfile = false, - Boolean $disable_conntrack = false, + Boolean $forward_disable_conntrack = true, + Boolean $output_disable_conntrack = true, + Boolean $input_disable_conntrack = false, Ferm::Policies $forward_policy = 'DROP', Ferm::Policies $output_policy = 'ACCEPT', Ferm::Policies $input_policy = 'DROP', -- cgit v1.2.3