summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFĂ©lix Sipma2016-03-07 14:41:19 +0100
committerJoey Hess2016-03-07 16:32:03 -0400
commitc9dbae56a34775b6e4e49b24535a8e6bacb0e7ce (patch)
tree89e0b4cdeb39a74dcfd4ea92de497af0b2162e08
parent476e242b0fc242e36f00d3c182c557e83e92c300 (diff)
Firewall: add NatDestination to Rules
(cherry picked from commit df40046fd65bc07eced41adb73c7e227d2b54cd1)
-rw-r--r--src/Propellor/Property/Firewall.hs5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index ec814c37..fa1f95d4 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -87,6 +87,10 @@ toIpTableArg (Destination ipwm) =
[ "-d"
, intercalate "," (map fromIPWithMask ipwm)
]
+toIpTableArg (NatDestination ip mport) =
+ [ "--to-destination"
+ , fromIPAddr ip ++ maybe "" (\p -> ":" ++ fromPort p) mport
+ ]
toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
data IPWithMask = IPWithNoMask IPAddr | IPWithIPMask IPAddr IPAddr | IPWithNumMask IPAddr Int
@@ -177,6 +181,7 @@ data Rules
| TCPSyn
| Source [ IPWithMask ]
| Destination [ IPWithMask ]
+ | NatDestination IPAddr (Maybe Port)
| Rules :- Rules -- ^Combine two rules
deriving (Eq, Show)