summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog2
-rw-r--r--src/Propellor/Property/Firewall.hs13
2 files changed, 8 insertions, 7 deletions
diff --git a/debian/changelog b/debian/changelog
index 24bbe84a..3ee27088 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,7 @@
propellor (2.7.1) UNRELEASED; urgency=medium
* Make sure that make is installed when bootstrapping propellor.
- * Fix bug in Firewall.toIpTableArg.
+ * Fix bug in Firewall's Port datatype to iptable parameter translation code.
Thanks, Antoine Eiche.
-- Joey Hess <id@joeyh.name> Wed, 12 Aug 2015 19:19:28 -0400
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index dafdcc6d..dd82fcc8 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -42,13 +42,14 @@ toIpTable r = map Param $
(toIpTableArg (ruleRules r)) ++ [ "-j" , show $ ruleTarget r ]
toIpTableArg :: Rules -> [String]
-toIpTableArg Everything = []
-toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
+toIpTableArg Everything = []
+toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
toIpTableArg (DPort (Port port)) = ["--dport", show port]
-toIpTableArg (DPortRange (Port f, Port t)) = ["--dport", show f ++ ":" ++ show t]
-toIpTableArg (IFace iface) = ["-i", iface]
-toIpTableArg (Ctstate states) = ["-m", "conntrack","--ctstate", concat $ intersperse "," (map show states)]
-toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
+toIpTableArg (DPortRange
+ (Port f, Port t)) = ["--dport", show f ++ ":" ++ show t]
+toIpTableArg (IFace iface) = ["-i", iface]
+toIpTableArg (Ctstate states) = ["-m", "conntrack","--ctstate", concat $ intersperse "," (map show states)]
+toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
data Rule = Rule
{ ruleChain :: Chain