Diffstat (limited to 'manifests/chain.pp')
-rw-r--r-- | manifests/chain.pp | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/manifests/chain.pp b/manifests/chain.pp
index 5b21912..6a01607 100644
--- a/manifests/chain.pp
+++ b/manifests/chain.pp
@@ -1,10 +1,12 @@
 # defined resource which creates all rules for one chain
-# @param policy [Ferm::Policies] Set the default policy for a CHAIN
-# @param disable_conntrack [Boolean] disable/enable usage of conntrack
-# @param chain [Ferm::Chains] name of the chain that should be managed
+# @param policy Set the default policy for a CHAIN
+# @param disable_conntrack Disable/Enable usage of conntrack
+# @param chain Name of the chain that should be managed
+# @param log_dropped_packets Enable/Disable logging of packets to the kernel log, if no explicit chain matched
 define ferm::chain (
 Ferm::Policies $policy,
 Boolean $disable_conntrack,
+ Boolean $log_dropped_packets,
 Ferm::Chains $chain = $name,
 ) {
@@ -24,4 +26,12 @@ define ferm::chain (
 ),
 order => '01',
 }
+
+ if $log_dropped_packets {
+ concat::fragment{"${chain}-footer":
+ target => "/etc/ferm.d/chains/${chain}.conf",
+ content => epp("${module_name}/ferm_chain_footer.conf.epp", { 'chain' => $chain }),
+ order => '99',
+ }
+ }
 }
|
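Review bot: `Boolean $log_dropped_packets,` is added to the `ferm::chain` signature as a required parameter with no default, so any existing declaration of the define that does not pass it will fail catalog compilation. If the define can be declared outside this module, a default keeps the previous behaviour: `Boolean $log_dropped_packets = false,`. The new `@param` line says "if no explicit chain matched", which presumably means that no explicit rule in the chain matched; the wording should say that. The body of the define continues outside this hunk.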
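Review bot: The footer fragment is gated only on `$log_dropped_packets` and never looks at `$policy`, so if `Ferm::Policies` allows a non-dropping policy, the chain would log packets as dropped that are in fact accepted. The template `ferm_chain_footer.conf.epp` is not shown here; it should rate-limit its LOG rule, because logging every unmatched packet on an exposed interface can fill the kernel log and push out other messages. A comment above the fragment would record both assumptions, for example `# order 99 keeps the LOG rule last in the chain file; the template is expected to rate-limit it`. The interpolation of `${chain}` into the target path is constrained by the `Ferm::Chains` type, whose definition is outside this page.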