From aa49a1ef74facc26863d13cfcf3e12a089805a05 Mon Sep 17 00:00:00 2001
From: Andrey Voronkov
Date: Tue, 23 Aug 2022 17:52:04 +0300
Subject: [PATCH] Add new directives in rules which are currently unparsable by the module
---
 lib/puppet/provider/firewall/iptables.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index 9b9c301..644a658 100644
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -130,6 +130,8 @@ Puppet::Type.type(:firewall).provide :iptables, parent: Puppet::Provider::Firewa
 nflog_prefix: '--nflog-prefix',
 nflog_range: '--nflog-range',
 nflog_threshold: '--nflog-threshold',
+ on_port: '--on-port',
+ on_ip: '--on-ip',
 outiface: '-o',
 pkttype: '-m pkttype --pkt-type',
 port: '-m multiport --ports',
@@ -173,6 +175,8 @@ Puppet::Type.type(:firewall).provide :iptables, parent: Puppet::Provider::Firewa
 toports: '--to-ports',
 tosource: '--to-source',
 to: '--to',
+ transparent: '--transparent',
+ tproxy_mark: '--tproxy-mark',
 uid: '--uid-owner',
 u32: ['-m u32 --u32', '--u32'],
 physdev_in: '--physdev-in',
@@ -232,6 +236,7 @@ Puppet::Type.type(:firewall).provide :iptables, parent: Puppet::Provider::Firewa
 :rsource,
 :rttl,
 :socket,
+ :transparent,
 :physdev_is_bridged,
 :physdev_is_in,
 :physdev_is_out,
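Review bot: The `on_port` and `on_ip` entries added in the hunk at -130 (and `transparent` / `tproxy_mark` in the hunk at -173) have no matching property declaration anywhere in this patch; the diffstat lists this provider file as the only one changed. Unless the firewall type already defines them, a parsed TPROXY rule would carry keys the type cannot represent, and nothing visible here validates a port or address value before it reaches the iptables command line. The property definitions, with validation for `on_port` and `on_ip`, should land in the same change. A one-line comment above the entries would also help, for example `# TPROXY target options, only meaningful together with -j TPROXY`. The map literal opens and closes outside the hunk.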
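Review bot: `tproxy_mark: '--tproxy-mark'` in the hunk at -173 passes the value through as written, while iptables-save normally prints marks as a hex value with a mask (for example `0x1/0x1`, a constructed sample). A manifest value given in decimal or without a mask would then presumably never compare equal to the parsed rule, so the rule would be reported as changed on every run and drift in the real mark would be hard to spot. If the module already normalises its other mark properties, `tproxy_mark` should go through the same normalisation; that code is not part of this diff, so this needs confirming against the type.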
@@ -357,7 +362,8 @@ Puppet::Type.type(:firewall).provide :iptables, parent: Puppet::Provider::Firewa :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone, :src_cc, :dst_cc, :hashlimit_upto, :hashlimit_above, :hashlimit_name, :hashlimit_burst, :hashlimit_mode, :hashlimit_srcmask, :hashlimit_dstmask, :hashlimit_htable_size, - :hashlimit_htable_max, :hashlimit_htable_expire, :hashlimit_htable_gcinterval, :bytecode, :ipvs, :zone, :helper, :cgroup, :rpfilter, :condition, :name, :notrack + :hashlimit_htable_max, :hashlimit_htable_expire, :hashlimit_htable_gcinterval, :bytecode, :ipvs, :zone, :helper, :cgroup, :rpfilter, :condition, :name, :notrack, + :on_port, :on_ip, :tproxy_mark ] def insert -- 2.45.2
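Review bot: `:transparent` is missing from the list extended in this hunk: the added line is `:on_port, :on_ip, :tproxy_mark`, although the hunks at -173 and -232 add `transparent` to the option map and to the boolean list. If this list is what decides which arguments are emitted and in what order (its consumer is outside the hunk), a rule declared with `transparent => true` would be parsed from existing rules but applied without `--transparent`, leaving a socket match that accepts more traffic than the manifest states. Because `--transparent` is an option of the socket match, the entry presumably belongs directly after `:socket` in this list rather than at the end; that line, like the start of the array, is outside the hunk. A spec that round-trips a rule using all four new options through parse and argument generation would catch this kind of mismatch.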