Revision 804b96e4
Prepare release 1.3.0
REFERENCE.md | ||
---|---|---|
17 | 17 |
Enable this option to support Ceph's Monitor Daemon. |
18 | 18 |
* [`nftables::rules::dhcpv6_client`](#nftablesrulesdhcpv6_client): allow DHCPv6 requests in to a host |
19 | 19 |
* [`nftables::rules::dns`](#nftablesrulesdns): manage in dns |
20 |
* [`nftables::rules::docker_ce`](#nftablesrulesdocker_ce): Default firewall configuration for Docker-CE |
|
20 | 21 |
* [`nftables::rules::http`](#nftablesruleshttp): manage in http |
21 | 22 |
* [`nftables::rules::https`](#nftablesruleshttps): manage in https |
22 | 23 |
* [`nftables::rules::icinga2`](#nftablesrulesicinga2): manage in icinga2 |
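Review bot: The index entry added at new line 20 summarises the class as "Default firewall configuration for Docker-CE", which reads like a general firewall policy for Docker hosts, while the class description added further down says it represents the rules docker-ce itself sets up when its iptables integration is enabled. Suggest a summary along the lines of "nftables equivalent of the default docker-ce iptables rules" so the index tells a reader what the class actually reproduces.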
... | ... | |
446 | 447 |
|
447 | 448 |
Default value: `[53]` |
448 | 449 |
|
450 |
### <a name="nftablesrulesdocker_ce"></a>`nftables::rules::docker_ce` |
|
451 |
|
|
452 |
The configuration distributed in this class represents the default firewall |
|
453 |
configuration done by docker-ce when the iptables integration is enabled. |
|
454 |
|
|
455 |
This class is needed as the default docker-ce rules added to ip-filter conflict |
|
456 |
with the inet-filter forward rules set by default in this module. |
|
457 |
|
|
458 |
When using this class 'docker::iptables: false' should be set. |
|
459 |
|
|
460 |
#### Parameters |
|
461 |
|
|
462 |
The following parameters are available in the `nftables::rules::docker_ce` class: |
|
463 |
|
|
464 |
* [`docker_interface`](#docker_interface) |
|
465 |
* [`docker_prefix`](#docker_prefix) |
|
466 |
* [`manage_docker_chains`](#manage_docker_chains) |
|
467 |
* [`manage_base_chains`](#manage_base_chains) |
|
468 |
|
|
469 |
##### <a name="docker_interface"></a>`docker_interface` |
|
470 |
|
|
471 |
Data type: `String[1]` |
|
472 |
|
|
473 |
Interface name used by docker. |
|
474 |
|
|
475 |
Default value: `'docker0'` |
|
476 |
|
|
477 |
##### <a name="docker_prefix"></a>`docker_prefix` |
|
478 |
|
|
479 |
Data type: `Stdlib::IP::Address::V4::CIDR` |
|
480 |
|
|
481 |
The address space used by docker. |
|
482 |
|
|
483 |
Default value: `'172.17.0.0/16'` |
|
484 |
|
|
485 |
##### <a name="manage_docker_chains"></a>`manage_docker_chains` |
|
486 |
|
|
487 |
Data type: `Boolean` |
|
488 |
|
|
489 |
Flag to control whether the class should create the docker related chains. |
|
490 |
|
|
491 |
Default value: ``true`` |
|
492 |
|
|
493 |
##### <a name="manage_base_chains"></a>`manage_base_chains` |
|
494 |
|
|
495 |
Data type: `Boolean` |
|
496 |
|
|
497 |
Flag to control whether the class should create the base common chains. |
|
498 |
|
|
499 |
Default value: ``true`` |
|
500 |
|
|
449 | 501 |
### <a name="nftablesruleshttp"></a>`nftables::rules::http` |
450 | 502 |
|
451 | 503 |
manage in http |
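Review bot: In the `nftables::rules::docker_ce` description (new lines 452-458), the requirement "When using this class 'docker::iptables: false' should be set" does not say where that key is set or what happens if it is left enabled. The paragraph before it already states that the docker-ce rules in ip-filter conflict with the inet-filter forward rules, so link the two sentences and put the key in backticks. The parameter text also leaves gaps: `docker_interface` and `docker_prefix` each take a single value (`'docker0'` and an IPv4-only CIDR, `'172.17.0.0/16'`), so state whether hosts with additional docker networks need further rules of their own, and name the chains that `manage_docker_chains` and `manage_base_chains` create so a reader can judge when setting either to `false` is safe.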