root / templates / systemd / puppet_nft.conf.epp @ 03d9e7da
Historique | Voir | Annoter | Télécharger (623 octets)
| 1 | 03d9e7da | Steve Traylen | <%- | |
|---|---|---|---|
| 2 | Optional[Array[String[1]]] $noflush = undef, |
||
| 3 | | -%> |
||
| 4 | <%- |
||
| 5 | if $noflush and $facts['nftables'] and $facts['nftables']['tables'] {
|
||
| 6 | $_flush_command = $facts['nftables']['tables'].filter |$_tab| { !( $_tab in $noflush) }.map |$_table| {
|
||
| 7 | "flush table ${regsubst($_table,'-',' ')}"
|
||
| 8 | } |
||
| 9 | } else {
|
||
| 10 | $_flush_command = ['flush ruleset'] |
||
| 11 | } |
||
| 12 | -%> |
||
| 13 | # Specify directory to look for relative includes |
||
| 14 | [Service] |
||
| 15 | ExecStart= |
||
| 16 | ExecStart=/sbin/nft -I /etc/nftables/puppet -f /etc/sysconfig/nftables.conf |
||
| 17 | ExecReload= |
||
| 18 | ExecReload=/sbin/nft -I /etc/nftables/puppet '<%= $_flush_command.join('; ') %>; include "/etc/sysconfig/nftables.conf";'
|