Révision ac0af4aa
Allow tables to add comments to $log_prefix
| manifests/init.pp | ||
|---|---|---|
| 26 | 26 |
# @param in_ssh |
| 27 | 27 |
# Allow inbound to ssh servers. |
| 28 | 28 |
# |
| 29 |
# @param log_prefix |
|
| 30 |
# String that will be used as prefix when logging packets. It can contain |
|
| 31 |
# two variables using standard sprintf() string-formatting: |
|
| 32 |
# * chain: Will be replaced by the name of the chain. |
|
| 33 |
# * comment: Allows chains to add extra comments. |
|
| 34 |
# |
|
| 29 | 35 |
# @param reject_with |
| 30 | 36 |
# How to discard packets not matching any rule. If `false`, the |
| 31 | 37 |
# fate of the packet will be defined by the chain policy (normally |
| ... | ... | |
| 40 | 46 |
Boolean $out_https = true, |
| 41 | 47 |
Boolean $out_all = false, |
| 42 | 48 |
Hash $rules = {},
|
| 43 |
String $log_prefix = '[nftables] %<chain>s Rejected: ',
|
|
| 49 |
String $log_prefix = '[nftables] %<chain>s %<comment>s',
|
|
| 44 | 50 |
Variant[Boolean[false], Pattern[ |
| 45 | 51 |
/icmp(v6|x)? type .+|tcp reset/]] |
| 46 | 52 |
$reject_with = 'icmpx type port-unreachable', |
Formats disponibles : Unified diff