voxpupuli / puppet-nftables

Puppet Module to manage nftables firewall rules.
Apache License 2.0

New clobber_default_config parameter #247

Closed traylenator closed 2 months ago

traylenator commented 2 months ago

Pull Request (PR) description

Certain OSes, namely Debian and Archlinux, provide default rules with the OS.

This module has always respected those rules and appended all of its own rules to the end of the existing rules.

The new parameter clobber_default_config, if set to true (default false), will drop any existing OS-provided rules.

Also, related to acceptance tests only, on Archlinux, where the default OS-provided configuration requires kernel >= 6.3, we purge the default rules if required.

Fixes

traylenator commented 2 months ago

Along with #245 (centos8) and #246 (debian11) this should green up the tests. Merge them first and I'll rebase this one to confirm.