Merge branch 'master' into joeyconfig

author: Joey Hess <joeyh@joeyh.name> 2016-05-23 11:25:41 -0400
committer: Joey Hess <joeyh@joeyh.name> 2016-05-23 11:25:41 -0400
commit: 9435ca9d7916c59fa37e2e4c3983dcd6eb20d8c0 (patch)
tree: c7cea9fad8eb237f3aee7543fbcbc81b368cf7ef /src/Propellor/Property/Firewall.hs
parent: 7869b471f953c16fa73bc45f3651dba6138a1af6 (diff)
parent: 864d47361ba34d851a9bbb34a6242854c042e556 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index ce0befcd..3ea19ffa 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -79,6 +79,12 @@ toIpTableArg (TCPFlags m c) =
 	, intercalate "," (map show c)
 	]
 toIpTableArg TCPSyn = ["--syn"]
+toIpTableArg (GroupOwner (Group g)) =
+	[ "-m"
+	, "owner"
+	, "--gid-owner"
+	, g
+	]
 toIpTableArg (Source ipwm) =
 	[ "-s"
 	, intercalate "," (map fromIPWithMask ipwm)
@@ -87,6 +93,11 @@ toIpTableArg (Destination ipwm) =
 	[ "-d"
 	, intercalate "," (map fromIPWithMask ipwm)
 	]
+toIpTableArg (NotDestination ipwm) =
+	[ "!"
+	, "-d"
+	, intercalate "," (map fromIPWithMask ipwm)
+	]
 toIpTableArg (NatDestination ip mport) =
 	[ "--to-destination"
 	, fromIPAddr ip ++ maybe "" (\p -> ":" ++ fromPort p) mport
@@ -179,8 +190,10 @@ data Rules
 	| RateLimit Frequency
 	| TCPFlags TCPFlagMask TCPFlagComp
 	| TCPSyn
+	| GroupOwner Group
 	| Source [ IPWithMask ]
 	| Destination [ IPWithMask ]
+	| NotDestination [ IPWithMask ]
 	| NatDestination IPAddr (Maybe Port)
 	| Rules :- Rules   -- ^Combine two rules
 	deriving (Eq, Show)
author	Joey Hess <joeyh@joeyh.name>	2016-05-23 11:25:41 -0400
committer	Joey Hess <joeyh@joeyh.name>	2016-05-23 11:25:41 -0400
commit	9435ca9d7916c59fa37e2e4c3983dcd6eb20d8c0 (patch)
tree	c7cea9fad8eb237f3aee7543fbcbc81b368cf7ef /src/Propellor/Property/Firewall.hs
parent	7869b471f953c16fa73bc45f3651dba6138a1af6 (diff)
parent	864d47361ba34d851a9bbb34a6242854c042e556 (diff)