From 69f35659e205e69a017ff2f3f39393ed4c403937 Mon Sep 17 00:00:00 2001 From: FĂ©lix Sipma Date: Thu, 4 Feb 2016 12:40:01 +0100 Subject: Firewall: add InIFace/OutIFace Rules (cherry picked from commit 717e693b2ad0bf39865ef28952f37670e70d8582) --- src/Propellor/Property/Firewall.hs | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'src/Propellor/Property') diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs index 20b44845..a851f885 100644 --- a/src/Propellor/Property/Firewall.hs +++ b/src/Propellor/Property/Firewall.hs @@ -1,5 +1,5 @@ -- | Maintainer: Arnaud Bailly --- +-- -- Properties for configuring firewall (iptables) rules module Propellor.Property.Firewall ( @@ -47,7 +47,8 @@ toIpTableArg (Proto proto) = ["-p", map toLower $ show proto] toIpTableArg (DPort (Port port)) = ["--dport", show port] toIpTableArg (DPortRange (Port f, Port t)) = ["--dport", show f ++ ":" ++ show t] -toIpTableArg (IFace iface) = ["-i", iface] +toIpTableArg (InIFace iface) = ["-i", iface] +toIpTableArg (OutIFace iface) = ["-o", iface] toIpTableArg (Ctstate states) = [ "-m" , "conntrack" @@ -80,7 +81,8 @@ data Rules -- data type with proto + ports | DPort Port | DPortRange (Port,Port) - | IFace Network.Interface + | InIFace Network.Interface + | OutIFace Network.Interface | Ctstate [ ConnectionState ] | Rules :- Rules -- ^Combine two rules deriving (Eq, Show) -- cgit v1.2.3