root / files / config / puppet.nft @ 30462da1
Historique | Voir | Annoter | Télécharger (479 octets)
| 1 | 30462da1 | Steve Traylen | # puppet-preflight.nft is only used by puppet for validating new configs |
|---|---|---|---|
| 2 | # puppet.nft is real configuration that the nftables services uses. |
||
| 3 | # To process either the -I flag must be specified. |
||
| 4 | # nft -c -I /etc/nftables/puppet -f /etc/nftables/puppet.nft |
||
| 5 | # nft -c -I /etc/nftables/puppet-preflight -f /etc/nftables/puppet-preflight.nft |
||
| 6 | |||
| 7 | 0ba57c66 | mh | # drop any existing nftables ruleset |
| 8 | flush ruleset |
||
| 9 | |||
| 10 | 30462da1 | Steve Traylen | include "custom-*.nft" |
| 11 | include "inet-filter.nft" |
||
| 12 | include "ip-nat.nft" |
||
| 13 | include "ip6-nat.nft" |