blob: 938958b1e824abd55c016891381a861296317c9a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
<%- | Optional[Ferm::Policies] $policy,
Boolean $disable_conntrack,
| -%>
# THIS FILE IS MANAGED BY PUPPET
<%- if $policy { -%>
# Default policy for this chain
policy <%= $policy %>;
<%- } -%>
<% unless $disable_conntrack { -%>
# connection tracking
mod conntrack ctstate (ESTABLISHED RELATED) ACCEPT;
mod conntrack ctstate INVALID DROP;
<% } -%>
|