From b65afaf3f613f2ee23cb76560a88ad6a0bb457d3 Mon Sep 17 00:00:00 2001 From: jbondpdx Date: Fri, 17 Oct 2014 10:20:39 -0700 Subject: [PATCH] DOCUMENT-75: cstate param in my_fw::pre example should be state Fixed! --- README.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.markdown b/README.markdown index d76d7b98e..7a5c40595 100644 --- a/README.markdown +++ b/README.markdown @@ -67,7 +67,7 @@ Therefore, the run order is: * Your rules (defined in code) * The rules in `my_fw::post` -The rules in the `pre` and `post` classes are fairly general. These two classes ensure that you retain connectivity, and that you drop unmatched packets appropriately. The rules you define in your manifests are likely specific to the applications you run. +The rules in the `pre` and `post` classes are fairly general. These two classes ensure that you retain connectivity and that you drop unmatched packets appropriately. The rules you define in your manifests are likely specific to the applications you run. 1. Add the `pre` class to `my_fw/manifests/pre.pp`. `pre.pp` should contain any default rules to be applied first. The rules in this class should be added in the order you want them to run. @@ -88,12 +88,12 @@ The rules in the `pre` and `post` classes are fairly general. These two classes }-> firewall { '002 accept related established rules': proto => 'all', - ctstate => ['RELATED', 'ESTABLISHED'], + state => ['RELATED', 'ESTABLISHED'], action => 'accept', } } -The rules in `pre` should allow basic networking (such as ICMP and TCP), and ensure that existing connections are not closed. +The rules in `pre` should allow basic networking (such as ICMP and TCP) and ensure that existing connections are not closed. 2. Add the `post` class to `my_fw/manifests/post.pp` and include any default rules to be applied last.