summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorFĂ©lix Sipma2016-02-29 09:48:46 +0100
committerJoey Hess2016-03-02 15:36:53 -0400
commit02edd1dca9b5554728201924a8ed786133b1c57d (patch)
tree907f2ec8f9d32c7a8d484a0c738fe022902584b6 /src
parent60a7dfeb65b72e2ef26e071c007f9d11fe9aebc2 (diff)
Firewall: add Frequency
(cherry picked from commit 26fd68a9cda543e74492dc71680d10eaa881f351)
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Firewall.hs13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index 05d70f45..01664130 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -12,6 +12,7 @@ module Propellor.Property.Firewall (
Rules(..),
ConnectionState(..),
ICMPTypeMatch(..),
+ Frequency(..),
IPWithMask(..),
fromIPWithMask
) where
@@ -64,6 +65,11 @@ toIpTableArg (ICMPType i) =
, "icmp"
, "--icmp-type", fromICMPTypeMatch i
]
+toIpTableArg (RateLimit f) =
+ [ "-m"
+ , "limit"
+ , "--limit", fromFrequency f
+ ]
toIpTableArg (Source ipwm) =
[ "-s"
, intercalate "," (map fromIPWithMask ipwm)
@@ -177,6 +183,12 @@ fromICMPTypeMatch :: ICMPTypeMatch -> String
fromICMPTypeMatch (ICMPTypeName t) = t
fromICMPTypeMatch (ICMPTypeCode c) = show c
+data Frequency = NumBySecond Int
+ deriving (Eq, Show)
+
+fromFrequency :: Frequency -> String
+fromFrequency (NumBySecond n) = show n ++ "/second"
+
data Rules
= Everything
| Proto Proto
@@ -188,6 +200,7 @@ data Rules
| OutIFace Network.Interface
| Ctstate [ ConnectionState ]
| ICMPType ICMPTypeMatch
+ | RateLimit Frequency
| Source [ IPWithMask ]
| Destination [ IPWithMask ]
| Rules :- Rules -- ^Combine two rules