summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorFĂ©lix Sipma2016-02-04 12:40:01 +0100
committerJoey Hess2016-02-25 17:19:38 -0400
commit69f35659e205e69a017ff2f3f39393ed4c403937 (patch)
treed41ab185c551e97933c4ebca1edd890e5c9341cc /src
parent90219e30615e09779469ceae272cf41943d43585 (diff)
Firewall: add InIFace/OutIFace Rules
(cherry picked from commit 717e693b2ad0bf39865ef28952f37670e70d8582)
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Firewall.hs8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index 20b44845..a851f885 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -1,5 +1,5 @@
-- | Maintainer: Arnaud Bailly <arnaud.oqube@gmail.com>
---
+--
-- Properties for configuring firewall (iptables) rules
module Propellor.Property.Firewall (
@@ -47,7 +47,8 @@ toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
toIpTableArg (DPort (Port port)) = ["--dport", show port]
toIpTableArg (DPortRange (Port f, Port t)) =
["--dport", show f ++ ":" ++ show t]
-toIpTableArg (IFace iface) = ["-i", iface]
+toIpTableArg (InIFace iface) = ["-i", iface]
+toIpTableArg (OutIFace iface) = ["-o", iface]
toIpTableArg (Ctstate states) =
[ "-m"
, "conntrack"
@@ -80,7 +81,8 @@ data Rules
-- data type with proto + ports
| DPort Port
| DPortRange (Port,Port)
- | IFace Network.Interface
+ | InIFace Network.Interface
+ | OutIFace Network.Interface
| Ctstate [ ConnectionState ]
| Rules :- Rules -- ^Combine two rules
deriving (Eq, Show)