Révision 24a5a2a7
Enable conntrack in FORWARD
| manifests/init.pp | ||
|---|---|---|
| 59 | 59 |
# Adds INPUT and OUTPUT rules to allow traffic that's part of an |
| 60 | 60 |
# established connection and also to drop invalid packets. |
| 61 | 61 |
# |
| 62 |
# @param fwd_conntrack |
|
| 63 |
# Adds FORWARD rules to allow traffic that's part of an |
|
| 64 |
# established connection and also to drop invalid packets. |
|
| 65 |
# |
|
| 62 | 66 |
# @param firewalld_enable |
| 63 | 67 |
# Configures how the firewalld systemd service unit is enabled. It might be |
| 64 | 68 |
# useful to set this to false if you're externaly removing firewalld from |
| ... | ... | |
| 74 | 78 |
Boolean $out_icmp = true, |
| 75 | 79 |
Boolean $out_all = false, |
| 76 | 80 |
Boolean $in_out_conntrack = true, |
| 81 |
Boolean $fwd_conntrack = false, |
|
| 77 | 82 |
Boolean $nat = true, |
| 78 | 83 |
Hash $rules = {},
|
| 79 | 84 |
Hash $sets = {},
|
Formats disponibles : Unified diff