From b8bd30bbafe22a7545cbc77a3c8f3903e434153c Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 20 Aug 2014 16:39:59 -0700 Subject: [PATCH] Update docs, remove feature, and rename property --- README.markdown | 8 +++++++ lib/puppet/provider/firewall/iptables.rb | 4 ---- lib/puppet/type/firewall.rb | 30 ++++++++++-------------- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/README.markdown b/README.markdown index 046c4c0..d76d7b9 100644 --- a/README.markdown +++ b/README.markdown @@ -579,6 +579,14 @@ firewall { '101 blacklist strange traffic': Requires the `address_type` feature. +* `stat_every`: Match one packet every nth packet. Requires `stat_mode => 'nth'` + +* `stat_mode`: Set the matching mode for statistic matching. Supported modes are `random` and `nth`. + +* `stat_packet`: Set the initial counter value for the nth mode. Must be between 0 and the value of `stat_every`. Defaults to 0. Requires `stat_mode => 'nth'` + +* `stat_probability`: Set the probability from 0 to 1 for a packet to be randomly matched. It works only with `stat_mode => 'random'`. + * `state`: Matches a packet based on its state in the firewall stateful inspection table. Valid values are: 'INVALID', 'ESTABLISHED', 'NEW', 'RELATED'. Requires the `state_match` feature. * `table`: Table to use. Valid values are: 'nat', 'mangle', 'filter', 'raw', 'rawpost'. By default the setting is 'filter'. Requires the `iptables` feature. diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb index 1f0dd7b..baf0296 100644 --- a/lib/puppet/provider/firewall/iptables.rb +++ b/lib/puppet/provider/firewall/iptables.rb @@ -29,10 +29,6 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir has_feature :ipsec_dir has_feature :ipsec_policy has_feature :mask - has_feature :stat_mode - has_feature :stat_every - has_feature :stat_packet - has_feature :stat_prob optional_commands({ :iptables => 'iptables', 
diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb index 538efcb..9c813e5 100644 --- a/lib/puppet/type/firewall.rb +++ b/lib/puppet/type/firewall.rb @@ -54,10 +54,6 @@ Puppet::Type.newtype(:firewall) do feature :ipsec_policy, "Match IPsec policy" feature :ipsec_dir, "Match IPsec policy direction" feature :mask, "Ability to match recent rules based on the ipv4 mask" - feature :stat_mode, "Match packets based on staistic mode" - feature :stat_every, "Match one packet every nth time" - feature :stat_packet, "Set initial counter" - feature :stat_prob, "Match packets based on probability" # provider specific features feature :iptables, "The provider provides iptables features." @@ -906,17 +902,17 @@ Puppet::Type.newtype(:firewall) do newvalues(:in, :out) end - newproperty(:stat_mode, :required_features => :stat_mode) do + newproperty(:stat_mode) do desc <<-EOS - Sets the statistic modoule mode + Set the matching mode for statistic matching. Supported modes are `random` and `nth`. EOS newvalues(:nth, :random) end - newproperty(:stat_every, :required_features => :stat_mode) do + newproperty(:stat_every) do desc <<-EOS - Match every nth packet (used with 'nth' mode) + Match one packet every nth packet. Requires `stat_mode => 'nth'` EOS validate do |value| 
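Review bot: Dropping `:required_features => :stat_mode` from `newproperty(:stat_mode)` and `newproperty(:stat_every)` (and from `stat_packet` and `stat_probability` in the next hunk) removes the only visible gate that keeps these properties away from providers that cannot express a statistic match. If such a provider accepts the resource and omits the match, the resulting rule applies to every packet instead of every nth packet or a random fraction, which is a broader policy than the manifest states; whether that can happen depends on provider code outside this patch. Consider keeping a single feature for the whole statistic group rather than none, and say in the `desc` text which providers honour these properties. The `validate do |value|` block of `stat_every` continues past the end of the hunk.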
@@ -934,29 +930,29 @@ Puppet::Type.newtype(:firewall) do end end - newproperty(:stat_packet, :required_features => :stat_mode) do + newproperty(:stat_packet) do desc <<-EOS - Set initial counter (used with 'nth' mode) + Set the initial counter value for the nth mode. Must be between 0 and the value of `stat_every`. Defaults to 0. Requires `stat_mode => 'nth'` EOS newvalues(/^\d+$/) end - newproperty(:stat_prob, :required_features => :stat_mode) do + newproperty(:stat_probability) do desc <<-EOS - Set the probably for a packet to be matched (used with 'random' mode) + Set the probability from 0 to 1 for a packet to be randomly matched. It works only with `stat_mode => 'random'`. EOS validate do |value| unless value =~ /^([01])\.(\d+)$/ raise ArgumentError, <<-EOS - stat_prob must be between 0.0 and 1.0 + stat_probability must be between 0.0 and 1.0 EOS end if $1.to_i == 1 && $2.to_i != 0 raise ArgumentError, <<-EOS - start_prob must be between 0.0 and 1.0 + start_probability must be between 0.0 and 1.0 EOS end end @@ -1143,7 +1139,7 @@ Puppet::Type.newtype(:firewall) do self.fail "Mask can only be set if recent is enabled." end - [:stat_packet, :stat_every, :stat_prob].each do |param| + [:stat_packet, :stat_every, :stat_probability].each do |param| if value(param) && ! value(:stat_mode) self.fail "Parameter '#{param.to_s}' requires 'stat_mode' to be set" end @@ -1157,8 +1153,8 @@ Puppet::Type.newtype(:firewall) do self.fail "Parameter 'stat_every' requires 'stat_mode' to be set to 'nth'" end - if value(:stat_prob) && value(:stat_mode) != :random - self.fail "Parameter 'stat_prob' requires 'stat_mode' to be set to 'random'" + if value(:stat_probability) && value(:stat_mode) != :random + self.fail "Parameter 'stat_probability' requires 'stat_mode' to be set to 'random'" end end -- 2.45.2
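Review bot: The two value checks in this hunk, `newvalues(/^\d+$/)` on `stat_packet` and `unless value =~ /^([01])\.(\d+)$/` on `stat_probability`, anchor with `^` and `$`, which in Ruby match at every line boundary, so a multi-line string passes as long as one of its lines is well-formed. These values presumably end up as arguments to the iptables command in the provider, so anchor the whole string instead: `newvalues(/\A\d+\z/)` and `unless value =~ /\A([01])\.(\d+)\z/`. The second error message now reads `start_probability must be between 0.0 and 1.0`, which carries the old `start_` typo forward; it should say `stat_probability`. The pattern also rejects a bare `0` or `1` while the new description says "from 0 to 1", so either the text or the check should state that a decimal point is required.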
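Review bot: The rename to `:stat_probability` in this list (and in `newproperty(:stat_probability)` and the `stat_mode != :random` check in the neighbouring hunks) is not mirrored anywhere else in the patch: the diffstat shows `lib/puppet/provider/firewall/iptables.rb` with four deletions only, all `has_feature` lines. If the provider still maps the old `:stat_prob` key to its command-line flag, the renamed property would validate here and then be left out of the generated rule, so the provider's property-to-flag mapping should be renamed in the same commit; this cannot be confirmed from the hunks shown. Existing manifests that set `stat_prob` will also stop compiling with no deprecation path, which deserves a line in the README or changelog.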
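Review bot: The cross-parameter checks around `if value(:stat_probability) && value(:stat_mode) != :random` still do not enforce the bound that the new `stat_packet` description promises ("Must be between 0 and the value of `stat_every`"). iptables documents the initial counter as 0 <= p <= n-1, so a value equal to or above `stat_every` is left for iptables to reject at apply time. A check such as `if value(:stat_packet) && value(:stat_every) && value(:stat_packet).to_i >= value(:stat_every).to_i` followed by `self.fail "Parameter 'stat_packet' must be smaller than 'stat_every'"` would catch it at catalog time, and the description could say "between 0 and `stat_every` - 1". The surrounding `validate` block starts and ends outside the hunk.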