-
-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Make filtering on dest addr optional
Previously `$destination_addresses` was an array with the public ipv6/ipv4 addresses. Those were used as destination address in the firewall rules. People might have dynamic local ips so this won't work/creates a lot of noise due to constant firewall rule updates. As a fix, it was already possible to set `$destination_addresses` to an empty Array (`[]`). But passing this to the `daddr` parameter in ferm::rule created a broken firewall rule. This patch sets the `daddr` parameter to `undef` if `$destination_addresses` is an empty array.
- Loading branch information
1 parent
da0fb8a
commit 61c7377
Showing
2 changed files
with
27 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters