Firewall: add InIFace/OutIFace Rules

(cherry picked from commit 717e693b2ad0bf39865ef28952f37670e70d8582)
author: Félix Sipma <felix.sipma@no-log.org> 2016-02-04 12:40:01 +0100
committer: Joey Hess <joeyh@joeyh.name> 2016-02-25 17:19:38 -0400
commit: 69f35659e205e69a017ff2f3f39393ed4c403937 (patch)
tree: d41ab185c551e97933c4ebca1edd890e5c9341cc
parent: 90219e30615e09779469ceae272cf41943d43585 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index 20b44845..a851f885 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -1,5 +1,5 @@
 -- | Maintainer: Arnaud Bailly <arnaud.oqube@gmail.com>
--- 
+--
 -- Properties for configuring firewall (iptables) rules
 
 module Propellor.Property.Firewall (
@@ -47,7 +47,8 @@ toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
 toIpTableArg (DPort (Port port)) = ["--dport", show port]
 toIpTableArg (DPortRange (Port f, Port t)) =
 	["--dport", show f ++ ":" ++ show t]
-toIpTableArg (IFace iface) = ["-i", iface]
+toIpTableArg (InIFace iface) = ["-i", iface]
+toIpTableArg (OutIFace iface) = ["-o", iface]
 toIpTableArg (Ctstate states) =
 	[ "-m"
 	, "conntrack"
@@ -80,7 +81,8 @@ data Rules
 	-- data type with proto + ports
 	| DPort Port
 	| DPortRange (Port,Port)
-	| IFace Network.Interface
+	| InIFace Network.Interface
+	| OutIFace Network.Interface
 	| Ctstate [ ConnectionState ]
 	| Rules :- Rules   -- ^Combine two rules
 	deriving (Eq, Show)
author	Félix Sipma <felix.sipma@no-log.org>	2016-02-04 12:40:01 +0100
committer	Joey Hess <joeyh@joeyh.name>	2016-02-25 17:19:38 -0400
commit	69f35659e205e69a017ff2f3f39393ed4c403937 (patch)
tree	d41ab185c551e97933c4ebca1edd890e5c9341cc
parent	90219e30615e09779469ceae272cf41943d43585 (diff)