Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / files / systemd @ 9de35746

Nom Taille Révision Âge Auteur Commentaire
puppet_nft.conf 225 octets 9de35746 environ 3 ans hashworks Ensure that nftables.service remains active aft...

Dernières révisions

# Date Auteur Commentaire
9de35746 2022-02-27 10:49 hashworks

Ensure that nftables.service remains active after it exits

Some system-packages don't include it in the service-file and we expect
it. See #124.
ce22630b 2020-12-09 05:37 Steve Traylen

Remove duplicate flush on reload

When nftables was reloaded a flush was being done both in the systemd
reload call and in the nft script itself.
03d9e7da 2020-12-01 03:09 Steve Traylen

New parameter noflush_tables to selectivly skip flush

Introduces a new structured fact nftables

```yaml
nftables:
tables:
- inet-filter
- ip-nat
- ip6-nat
- inet-f2b-table
```

By default the nft script will continue to contain `nft flush ruleset`...
30462da1 2020-11-26 05:19 Steve Traylen

Reload rules atomically

Background: The unit file for nftables on CentOS 8 contains:

```
ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf
ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'
ExecStop=/sbin/nft flush ruleset
```...

Voir les révisions

Formats disponibles : Atom