From: Patrick Hemmer <patrick.hemmer@gmail.com>
Date: Wed, 18 Dec 2013 17:49:27 +0000 (-0500)
Subject: allow input chain in nat table
X-Git-Tag: 0.5.0~21^2~1
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=a566f7aa6a579b1882b6c6d25ed507f2776cf497;p=puppet-modules%2Fpuppetlabs-firewall.git

allow input chain in nat table
---

diff --git a/lib/puppet/type/firewallchain.rb b/lib/puppet/type/firewallchain.rb
index 2ed1e5b..75ffa4e 100644
--- a/lib/puppet/type/firewallchain.rb
+++ b/lib/puppet/type/firewallchain.rb
@@ -56,8 +56,8 @@ Puppet::Type.newtype(:firewallchain) do
             raise ArgumentError, "PREROUTING, POSTROUTING, INPUT, FORWARD and OUTPUT are the only inbuilt chains that can be used in table 'mangle'"
           end
         when 'nat'
-          if chain =~ /^(BROUTING|INPUT|FORWARD)$/
-            raise ArgumentError, "PREROUTING, POSTROUTING and OUTPUT are the only inbuilt chains that can be used in table 'nat'"
+          if chain =~ /^(BROUTING|FORWARD)$/
+            raise ArgumentError, "PREROUTING, POSTROUTING, INPUT, and OUTPUT are the only inbuilt chains that can be used in table 'nat'"
           end
           if protocol =~/^(IP(v6)?)?$/
             raise ArgumentError, "table nat isn't valid in IPv6. You must specify ':IPv4' as the name suffix"