ferm: support more than just the filter table

diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index 467af75..b228e69 100644 (file)
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -1,5 +1,5 @@
 class ferm {
-    define rule($domain="ip", $chain="INPUT", $rule, $description="", $prio="00") {
+    define rule($domain="ip", $table="filter", $chain="INPUT", $rule, $description="", $prio="00") {
         file {
             "/etc/ferm/dsa.d/${prio}_${name}":
                 ensure  => present,

diff --git a/modules/ferm/templates/ferm-rule.erb b/modules/ferm/templates/ferm-rule.erb
index b3e637a..ed27c42 100644 (file)
--- a/modules/ferm/templates/ferm-rule.erb
+++ b/modules/ferm/templates/ferm-rule.erb
@@ -4,7 +4,9 @@
 ##
 
 domain <%= domain %> {
-        chain <%= chain %> {
-                <%= rule %>;
-        }
+       table <%= table %> {
+               chain <%= chain %> {
+                       <%= rule %>;
+               }
+       }
 }