projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
sallinen varnish
[mirror/dsa-puppet.git] / modules / ferm / templates / ferm.conf.erb
diff --git a/modules/ferm/templates/ferm.conf.erb b/modules/ferm/templates/ferm.conf.erb
index da573e5..b8a6b69 100644 (file)
--- a/modules/ferm/templates/ferm.conf.erb
+++ b/modules/ferm/templates/ferm.conf.erb
@@ -7,7 +7,7 @@
 
 @include 'conf.d/';
 
-<% if @lsbmajdistrelease >= '8' -%>
+<% if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) >= 0 -%>
 domain (ip ip6) {
         table filter {
               chain log_and_reject {
@@ -83,6 +83,7 @@ domain (ip ip6) {
         }
 }
 
+@hook pre "umask 0177; rm -f /var/run/iptables-ferm.checksum /var/run/ip6tables-ferm.checksum";
 @hook post "umask 0177; iptables-save | sed -e 's/\[.*//' -e 's/^#.*//' | sha256sum > /var/run/iptables-ferm.checksum";
 @hook post "umask 0177; ip6tables-save | sed -e 's/\[.*//' -e 's/^#.*//' | sha256sum > /var/run/ip6tables-ferm.checksum";
 # vim:set et:
Unnamed repository; edit this file 'description' to name the repository.