]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/networking/templates/default/nftables.conf.erb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Reintroduce helper support and implement it
[chef.git] / cookbooks / networking / templates / default / nftables.conf.erb
diff --git a/cookbooks/networking/templates/default/nftables.conf.erb b/cookbooks/networking/templates/default/nftables.conf.erb
index 957955af4121d3432a28221d9635c336512fcb67..cc3cd8f7fe69465d0e208643793f00cb1d0f9384 100644 (file)
--- a/cookbooks/networking/templates/default/nftables.conf.erb
+++ b/cookbooks/networking/templates/default/nftables.conf.erb
@@ -57,6 +57,13 @@ table inet chef-filter {
 <%- end %>
   }
 
+<%- end %>
+
+<%- node[:networking][:firewall][:helpers].each do |helper| %>
+  ct helper <%= helper[:name] %> {
+    type "<%= helper[:helper] %>" protocol <%= helper[:protocol] %>
+  }
+
 <%- end %>
   chain log-and-drop {
     limit rate 1/second log
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.