Merge remote-tracking branch 'spwhitton/sbuild'

author: Joey Hess <joeyh@joeyh.name> 2016-05-23 11:19:21 -0400
committer: Joey Hess <joeyh@joeyh.name> 2016-05-23 11:19:21 -0400
commit: 96b92edc63a6754f6574325a700b2f1ebea59c59 (patch)
tree: 92e394ee1862015e207f26413a87d77dd8225b24 /src/Propellor/Property/Firewall.hs
parent: 7024be7db4021f059380afde9a0f48b99d456bf4 (diff)
parent: 83c65ad3b4dc3c3c54a0c2c99bf7566739a4a01a (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index ce0befcd..3ea19ffa 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -79,6 +79,12 @@ toIpTableArg (TCPFlags m c) =
 	, intercalate "," (map show c)
 	]
 toIpTableArg TCPSyn = ["--syn"]
+toIpTableArg (GroupOwner (Group g)) =
+	[ "-m"
+	, "owner"
+	, "--gid-owner"
+	, g
+	]
 toIpTableArg (Source ipwm) =
 	[ "-s"
 	, intercalate "," (map fromIPWithMask ipwm)
@@ -87,6 +93,11 @@ toIpTableArg (Destination ipwm) =
 	[ "-d"
 	, intercalate "," (map fromIPWithMask ipwm)
 	]
+toIpTableArg (NotDestination ipwm) =
+	[ "!"
+	, "-d"
+	, intercalate "," (map fromIPWithMask ipwm)
+	]
 toIpTableArg (NatDestination ip mport) =
 	[ "--to-destination"
 	, fromIPAddr ip ++ maybe "" (\p -> ":" ++ fromPort p) mport
@@ -179,8 +190,10 @@ data Rules
 	| RateLimit Frequency
 	| TCPFlags TCPFlagMask TCPFlagComp
 	| TCPSyn
+	| GroupOwner Group
 	| Source [ IPWithMask ]
 	| Destination [ IPWithMask ]
+	| NotDestination [ IPWithMask ]
 	| NatDestination IPAddr (Maybe Port)
 	| Rules :- Rules   -- ^Combine two rules
 	deriving (Eq, Show)
author	Joey Hess <joeyh@joeyh.name>	2016-05-23 11:19:21 -0400
committer	Joey Hess <joeyh@joeyh.name>	2016-05-23 11:19:21 -0400
commit	96b92edc63a6754f6574325a700b2f1ebea59c59 (patch)
tree	92e394ee1862015e207f26413a87d77dd8225b24 /src/Propellor/Property/Firewall.hs
parent	7024be7db4021f059380afde9a0f48b99d456bf4 (diff)
parent	83c65ad3b4dc3c3c54a0c2c99bf7566739a4a01a (diff)