diff --git a/manifests/iptables/pre.pp b/manifests/iptables/pre.pp
index 528b3ed2fc70bf4e613b57621487c440b456adf6..55e16d2b94675ab79a1f9392dd16dfe8acdc9572 100644
--- a/manifests/iptables/pre.pp
+++ b/manifests/iptables/pre.pp
@@ -6,61 +6,61 @@ class lysnetwork::iptables::pre {
 firewall { '000 accept all icmp': proto => 'icmp',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '001 accept all to lo interface': proto => 'all', iniface => 'lo',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '002 accept all from Lysator': proto => 'all', source => '130.236.254.0/24',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '003 accept all from Lysator': proto => 'all', source => '130.236.253.0/24',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '004 accept all from Lysator': proto => 'all', source => '192.168.0.0/16',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '005 accept all from Lysator': proto => 'all', source => '172.16.0.0/12',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '006 accept all from Lysator': proto => 'all', source => '10.0.0.0/9',
- action => 'accept',
+ jump => 'accept',
 } -> firewall { '007 accept related established rules': proto => 'all', state => ['RELATED', 'ESTABLISHED'],
- action => 'accept',
+ jump => 'accept',
 } # IPv6 config
 firewall { '000 accept all icmp IPv6': proto => 'ipv6-icmp',
- action => 'accept',
+ jump => 'accept',
 protocol => 'ip6tables', } -> firewall { '001 accept all from Lysator IPv6': proto => 'all', source => '2001:6b0:17:f0a0::0/64',
- action => 'accept',
+ jump => 'accept',
 protocol => 'ip6tables', } -> firewall { '002 accept related established rules IPv6': proto => 'all', state => ['RELATED', 'ESTABLISHED'],
- action => 'accept',
+ jump => 'accept',
 protocol => 'ip6tables', } }
diff --git a/manifests/iptables_default_deny.pp b/manifests/iptables_default_deny.pp
index c4c9ea1470208b1649e26fa093c0de094c5ec8b3..ca9ac09bcb7bc35668f3e0676b888111453c0ef5 100644
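Review bot: Rule '006 accept all from Lysator' in manifests/iptables/pre.pp keeps `source => '10.0.0.0/9'`, which matches only 10.0.0.0–10.127.255.255, while rules 004 and 005 next to it use the whole private blocks 192.168.0.0/16 and 172.16.0.0/12. If the full block was meant, the line should read `source => '10.0.0.0/8',`; if the half range is deliberate, a comment saying so would keep it from being "corrected" later. Rules 004–006 also accept every protocol from private address space under the title "from Lysator", which holds only if such source addresses cannot reach the host from elsewhere; that filtering is not visible in this manifest. The class opens above the hunk.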
--- a/manifests/iptables_default_deny.pp
+++ b/manifests/iptables_default_deny.pp
@@ -24,36 +24,36 @@ class lysnetwork::iptables_default_deny {
 firewall { '000 accept all icmp': proto => icmp,
- action => accept,
+ jump => 'accept',
 } -> firewall { '001 accept all on lo': proto => all, iniface => 'lo',
- action => accept,
+ jump => 'accept',
 } -> firewall { '002 accept related and established': proto => all, state => ['RELATED', 'ESTABLISHED',],
- action => accept,
+ jump => 'accept',
 } # IPV6
 firewall { '000 accept all icmp ipv6': proto => 'ipv6-icmp',
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables', } -> firewall { '001 accept all on lo ipv6': proto => all, iniface => 'lo',
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables', } -> firewall { '002 accept related and established ipv6': proto => all, state => ['RELATED', 'ESTABLISHED',],
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables', }
@@ -61,13 +61,13 @@ class lysnetwork::iptables_default_deny {
 firewall { '922 allow ssh': proto => tcp, dport => '22',
- action => accept,
+ jump => 'accept',
 } firewall { '922 allow ssh ipv6': proto => tcp, dport => '22',
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables', } }
diff --git a/manifests/iptables_only_lysator.pp b/manifests/iptables_only_lysator.pp
index fb574a2a3b983a71be2e4145922600e86d8db343..d5f6df6aa229dbf7b86ba554660cab2b2ef85753 100644
--- a/manifests/iptables_only_lysator.pp
+++ b/manifests/iptables_only_lysator.pp
@@ -23,19 +23,19 @@ class lysnetwork::iptables_only_lysator {
 firewall { '001 accept all on lo': proto => all, iniface => 'lo',
- action => accept,
+ jump => 'accept',
 } firewall { '002 accept related and established': proto => all, state => ['RELATED', 'ESTABLISHED',],
- action => accept,
+ jump => 'accept',
 } firewall { '003 allow lysators ipv4 network': proto => all, source => '130.236.254.0/24',
- action => accept,
+ jump => 'accept',
 protocol => 'iptables' }
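Review bot: The switch from `action` to `jump` in the first hunk of manifests/iptables_default_deny.pp, and in every other hunk of this commit, is only valid against a firewall module release that takes `accept` as a `jump` value; the releases that still provide `action` reject `accept`, `drop` and `reject` there. No dependency file is part of this diff, so it is not visible whether the module's lower bound is raised together with the manifests. If it is declared in metadata.json or a Puppetfile, updating it in the same commit keeps a node from applying these classes with the old module and failing on every rule, including the lo, established and ssh accepts that a class named default_deny presumably relies on to stay reachable. The class opens above the hunk.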
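Review bot: The IPv4 rules visible in the first hunk of manifests/iptables_only_lysator.pp trust only `130.236.254.0/24` (rule 003), whereas manifests/iptables/pre.pp in the same commit treats both 130.236.254.0/24 and 130.236.253.0/24 as Lysator. Lines above this hunk are not shown, so the second range may be handled there. If it is not, either add a matching rule for it or put a comment on rule 003 such as `# only 130.236.254.0/24 is trusted here; 130.236.253.0/24 is left out on purpose`, so the difference between the two classes reads as a decision rather than an omission.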
@@ -44,21 +44,21 @@ class lysnetwork::iptables_only_lysator {
 firewall { '001 accept all on lo ipv6': proto => all, iniface => 'lo',
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables', } firewall { '002 accept related and established ipv6': proto => all, state => ['RELATED', 'ESTABLISHED',],
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables', } firewall { '003 allow lysators ipv6 network': proto => all, source => '2001:6b0:17:f0a0::/64',
- action => accept,
+ jump => 'accept',
 protocol => 'ip6tables' } }