/files - Dépôt - puppet nftables - Koumbit's Redmine

Télécharger au format

root / files @ f29ea029

Nom	Taille	Révision	Âge	Auteur	Commentaire
config		fcb1d356	plus de 4 ans	Nacho Barrientos	Auto fill simple table configuration

#	Date	Auteur	Commentaire
a86c6409	2021-01-18 14:00	Kienan Stewart	Convert puppet_nft systemd drop-in unit file to template
8d22a441	2021-01-18 14:00	Kienan Stewart	WIP: Start adding support for Debian
fcb1d356	2020-12-10 02:23	Nacho Barrientos	Auto fill simple table configuration
ce22630b	2020-12-09 05:37	Steve Traylen	Remove duplicate flush on reload When nftables was reloaded a flush was being done both in the systemd reload call and in the nft script itself.
03d9e7da	2020-12-01 03:09	Steve Traylen	New parameter noflush_tables to selectivly skip flush Introduces a new structured fact nftables ```yaml nftables: tables: - inet-filter - ip-nat - ip6-nat - inet-f2b-table ``` By default the nft script will continue to contain `nft flush ruleset`...
82d10659	2020-11-26 15:39	Nacho Barrientos	Allow disabling default NAT tables and chains
30462da1	2020-11-26 05:19	Steve Traylen	Reload rules atomically Background: The unit file for nftables on CentOS 8 contains: ``` ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";' ExecStop=/sbin/nft flush ruleset ```...
79e9a23f	2020-11-21 03:10	Nacho Barrientos	Move ICMP stuff to separate classes
ea96d5db	2020-11-19 10:15	Nacho Barrientos	Move ct rules from global to INPUT and OUTPUT
e4c32222	2020-11-13 09:55	Nacho Barrientos	Use concat for table conf generation This way other components of the module will be able to add extra stuff to the table definitions like sets.

Formats disponibles : Atom