root / templates / systemd / puppet_nft.conf.epp @ 03d9e7da
Historique | Voir | Annoter | Télécharger (623 octets)
| 1 |
<%- | |
|---|---|
| 2 |
Optional[Array[String[1]]] $noflush = undef, |
| 3 |
| -%> |
| 4 |
<%- |
| 5 |
if $noflush and $facts['nftables'] and $facts['nftables']['tables'] {
|
| 6 |
$_flush_command = $facts['nftables']['tables'].filter |$_tab| { !( $_tab in $noflush) }.map |$_table| {
|
| 7 |
"flush table ${regsubst($_table,'-',' ')}"
|
| 8 |
} |
| 9 |
} else {
|
| 10 |
$_flush_command = ['flush ruleset'] |
| 11 |
} |
| 12 |
-%> |
| 13 |
# Specify directory to look for relative includes |
| 14 |
[Service] |
| 15 |
ExecStart= |
| 16 |
ExecStart=/sbin/nft -I /etc/nftables/puppet -f /etc/sysconfig/nftables.conf |
| 17 |
ExecReload= |
| 18 |
ExecReload=/sbin/nft -I /etc/nftables/puppet '<%= $_flush_command.join('; ') %>; include "/etc/sysconfig/nftables.conf";'
|
| 19 |
|