Puppet Class: nftables::inet_filter::fwd_conntrack

Defined in:
manifests/inet_filter/fwd_conntrack.pp

Summary

enable conntrack for fwd

Overview



2
3
4
5
6
7
8
9
10
11
12
13
14
 
# File 'manifests/inet_filter/fwd_conntrack.pp', line 2

class nftables::inet_filter::fwd_conntrack {
  nftables::rule {
    'FORWARD-accept_established_related':
      order   => '05',
      content => 'ct state established,related accept';
  }
  if $nftables::fwd_drop_invalid {
    nftables::rule { 'FORWARD-drop_invalid':
      order   => '06',
      content => 'ct state invalid drop';
    }
  }
}