Historique | Voir | Annoter | Télécharger (1,69 ko)
Merge pull request #149 from hugendudel/netdev_support
Allow netdev as table family in defined type nftables::chain
Align filemode on RedHat to distro default
The RPM acutally ships the configuration and directory with0600/0700 while this module sets the mode to 0640/0750.
However, this has the drawback that on new nftables RPM versions,we are setting it back to the modules mode and triggering an nft...
Enable parameter_documentation lint
The linter checks that every parameter has been documented.
While corrections have been made to great many classes some morecomplicated examples have been left for now. Should be updatedas the files get touched.
https://github.com/domcleal/puppet-lint-param-docs
Use single line for each parameter definition
lint_fix results
Reload rules atomically
Background: The unit file for nftables on CentOS 8 contains:
```ExecStart=/sbin/nft -f /etc/sysconfig/nftables.confExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'ExecStop=/sbin/nft flush ruleset```...
Add comments for all the nftable::rules entries
For each nftable::rule this adds an extra concat fragment toadd a comment containing the name and order number for the rule.
The motivation here is to make the mapping from resulting rules backto puppet code more obvious. When adding a new rule it should be more...
Create a special ingoing chain for all ingoing fwd rules
Replace filter with inet-filter
Refactoring
