diff options
| author | Tim Meusel <tim@bastelfreak.de> | 2019-07-12 09:47:23 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-12 09:47:23 +0200 |
| commit | d856acb9f857c80c65285ec3e09a4f9f37475d41 (patch) | |
| tree | 29effc4945a9831ce53c18526265c69ee426344b /README.md | |
| parent | 92bfbfed2e47ef3ff857623c5c5accda42dbf195 (diff) | |
| parent | 885c4b2ec6774d52cee6107dca61566283e3694f (diff) | |
| download | puppet-ferm-d856acb9f857c80c65285ec3e09a4f9f37475d41.tar.gz puppet-ferm-d856acb9f857c80c65285ec3e09a4f9f37475d41.tar.bz2 | |
Merge pull request #48 from bastelfreak/interface
add support for interface specific rules
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -139,6 +139,7 @@ the protocol we would like to filter. Allowed values are Enum['icmp', 'tcp', 'ud The protocol options we would like to add. The following example will suppress the hostname in programs like `traceroute`: + ```yaml --- ferm::rules: @@ -155,7 +156,8 @@ A comment that will be written into the file and into ip(6)tables #### `dport` -The destination port we want to filter for. Can be any string from /etc/services or an integer +The destination port we want to filter for. Can be any string from +/etc/services or an integer #### `sport` @@ -178,6 +180,10 @@ Same as above, just for the destination IP address Add or remove it from the ruleset +#### `interface` + +If set, this rule only applies to this specific interface + ### chain defined resource The module defines the three default chains for you, INPUT, FORWARD and OUTPUT. |