From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 13 Aug 2010 20:16:00 +0000 (+0200)
Subject: ferm: support more than just the filter table
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;ds=sidebyside;h=eb1c3c23ef30e95c89671e19c2f6352c876ce836;p=mirror%2Fdsa-puppet.git

ferm: support more than just the filter table
---

diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index 467af752f..b228e69be 100644
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -1,5 +1,5 @@
 class ferm {
-    define rule($domain="ip", $chain="INPUT", $rule, $description="", $prio="00") {
+    define rule($domain="ip", $table="filter", $chain="INPUT", $rule, $description="", $prio="00") {
         file {
             "/etc/ferm/dsa.d/${prio}_${name}":
                 ensure  => present,
diff --git a/modules/ferm/templates/ferm-rule.erb b/modules/ferm/templates/ferm-rule.erb
index b3e637a8e..ed27c423e 100644
--- a/modules/ferm/templates/ferm-rule.erb
+++ b/modules/ferm/templates/ferm-rule.erb
@@ -4,7 +4,9 @@
 ##
 
 domain <%= domain %> {
-        chain <%= chain %> {
-                <%= rule %>;
-        }
+	table <%= table %> {
+		chain <%= chain %> {
+			<%= rule %>;
+		}
+	}
 }