Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / spec / classes / ip_nat_spec.rb @ 30462da1

Historique | Voir | Annoter | Télécharger (8,14 ko)

# Date Auteur Commentaire
30462da1 2020-11-26 05:19 Steve Traylen

Reload rules atomically

Background: The unit file for nftables on CentOS 8 contains:

```
ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf
ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'
ExecStop=/sbin/nft flush ruleset
```...
61f03b47 2020-11-19 09:19 Steve Traylen

Switch $order$fragmenta/b to $order-$fragment-a/b
e53053ce 2020-11-19 08:31 Steve Traylen

Add comments for all the nftable::rules entries

For each nftable::rule this adds an extra concat fragment to
add a comment containing the name and order number for the rule.

The motivation here is to make the mapping from resulting rules back
to puppet code more obvious. When adding a new rule it should be more...
e4c32222 2020-11-13 09:55 Nacho Barrientos

Use concat for table conf generation

This way other components of the module will be able to add extra stuff
to the table definitions like sets.
248ef9d5 2020-10-28 14:40 tr

Add basic ip6 nat chains
01d8a819 2020-10-16 10:29 tr

Styling to make tests green
605d5fde 2020-08-30 07:07 tr

Add spec tests for ip nat chain policies
c8e93806 2020-08-30 06:09 tr

Fix nat hooks
5bd849ba 2020-08-30 06:09 tr

Rename to snake cases