From beb7c4247272569918aa0ed85ee5a95653f2b46f Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Fri, 13 Sep 2019 10:36:20 +0200
Subject: enhance puppet-strings documentation

---
 manifests/rule.pp | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'manifests/rule.pp')

diff --git a/manifests/rule.pp b/manifests/rule.pp
index a973601..1acbfd1 100644
--- a/manifests/rule.pp
+++ b/manifests/rule.pp
@@ -17,6 +17,23 @@
 #     saddr  => '127.0.0.1',
 #   }
 #
+#
+# @example Confuse people that do a traceroute/mtr/ping to your system
+#   ferm::rule{'drop-icmp-time-exceeded':
+#     chain         => 'OUTPUT',
+#     policy        => 'DROP',
+#     proto         => 'icmp',
+#     proto_options => 'icmp-type time-exceeded',
+#   }
+#
+# @example allow multiple protocols
+#   ferm::rule{'allow_consul':
+#     chain  => 'INPUT',
+#     policy => 'ACCEPT',
+#     proto  => ['udp', 'tcp'],
+#     dport  => 8301,
+#   }
+#
 # @param chain Configure the chain where we want to add the rule
 # @param proto Which protocol do we want to match, typically UDP or TCP
 # @param comment A comment that will be added to the ferm config and to ip{,6}tables
-- 
cgit v1.2.3