Defined Type: ferm::chain

Defined in:
manifests/chain.pp

Overview

defined resource which creates all rules for one chain

Parameters:

  • policy (Ferm::Policies)

    Set the default policy for a CHAIN

  • chain (Ferm::Chains) (defaults to: $name)

    name of the chain that should be managed



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
# File 'manifests/chain.pp', line 4

define ferm::chain (
  Ferm::Policies $policy,
  Ferm::Chains $chain = $name,
) {

  # concat resource for the chain
  $filename = downcase($chain)
  concat{"/etc/ferm.d/chains/${chain}.conf":
    ensure  => 'present',
  }

  concat::fragment{"${chain}-policy":
    target  => "/etc/ferm.d/chains/${chain}.conf",
    content => epp("${module_name}/ferm_chain_header.conf.epp", {'policy' => $policy }),
    order   => '01',
  }
}