blob: 5b21912bde49ddf7fef2a3ba6530494c6fa5fd1f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# defined resource which creates all rules for one chain
# @param policy [Ferm::Policies] Set the default policy for a CHAIN
# @param disable_conntrack [Boolean] disable/enable usage of conntrack
# @param chain [Ferm::Chains] name of the chain that should be managed
define ferm::chain (
Ferm::Policies $policy,
Boolean $disable_conntrack,
Ferm::Chains $chain = $name,
) {
# concat resource for the chain
$filename = downcase($chain)
concat{"/etc/ferm.d/chains/${chain}.conf":
ensure => 'present',
}
concat::fragment{"${chain}-policy":
target => "/etc/ferm.d/chains/${chain}.conf",
content => epp(
"${module_name}/ferm_chain_header.conf.epp", {
'policy' => $policy,
'disable_conntrack' => $disable_conntrack,
}
),
order => '01',
}
}
|
