Révision e0bb7852
Change default hash location to /var/tmp to survive reboots and avoid bogus nftables reload
| manifests/init.pp | ||
|---|---|---|
| 148 | 148 |
Hash $sets = {},
|
| 149 | 149 |
String $log_prefix = '[nftables] %<chain>s %<comment>s', |
| 150 | 150 |
String[1] $nat_table_name = 'nat', |
| 151 |
Stdlib::Unixpath $inmem_rules_hash_file = '/run/puppet-nft-memhash',
|
|
| 151 |
Stdlib::Unixpath $inmem_rules_hash_file = '/var/tmp/puppet-nft-memhash',
|
|
| 152 | 152 |
Boolean $log_discarded = true, |
| 153 | 153 |
Variant[Boolean[false], String] $log_limit = '3/minute burst 5 packets', |
| 154 | 154 |
Variant[Boolean[false], Pattern[/icmp(v6|x)? type .+|tcp reset/]] $reject_with = 'icmpx type port-unreachable', |
Formats disponibles : Unified diff