manually create the subchain
authorPeter Palfrader <peter@palfrader.org>
Tue, 30 Oct 2018 09:38:18 +0000 (10:38 +0100)
committerPeter Palfrader <peter@palfrader.org>
Tue, 30 Oct 2018 09:38:18 +0000 (10:38 +0100)
modules/fail2ban/manifests/init.pp

index 74a650b..81b020e 100644 (file)
@@ -19,14 +19,21 @@ class fail2ban {
                                | EOF
        }
 
-       @ferm::rule { 'dsa-f2b-setup':
+       @ferm::rule { 'dsa-f2b-setup1':
                prio        => '005',
                description => 'f2b master rule',
-               chain       => 'INPUT',
+               chain       => 'dsa-f2b',
                domain      => '(ip ip6)',
-               rule        => 'saddr 0/0 @subchain "dsa-f2b" {}',
+               rule        => '',
                notarule    => true,
        }
+       @ferm::rule { 'dsa-f2b-setup2':
+               prio        => '005',
+               description => 'f2b master rule',
+               chain       => 'INPUT',
+               domain      => '(ip ip6)',
+               rule        => 'jump dsa-f2b',
+       }
 
        # XXX Maybe this will be automatically done in buster, it is certainly needed in stretch. So maybe:  versioncmp($::lsbmajdistrelease, '9') <= 0
        concat::fragment { 'dsa-puppet-stuff--fail2ban-cleanup':
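Review bot: `dsa-f2b-setup1` and `dsa-f2b-setup2` share the description `'f2b master rule'` and prio `'005'`, and nothing in the manifest explains why the first one has an empty `rule` with `notarule => true`. Distinct descriptions would make the generated ferm config and any later audit easier to read, for example `description => 'f2b: declare dsa-f2b chain'` and `description => 'f2b: jump from INPUT to dsa-f2b'`. A comment above `dsa-f2b-setup1` would also help, such as `# declare the chain explicitly; INPUT only jumps to it (presumably fail2ban fills it at runtime - confirm)`. It is also worth confirming where prio `005` places the `jump dsa-f2b` relative to any earlier accept rule in INPUT, because a ban only applies to packets that reach this jump; the rest of the ruleset and of `class fail2ban` is outside the hunk.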