Firewall: add NatDestination to Rules

(cherry picked from commit df40046fd65bc07eced41adb73c7e227d2b54cd1)
author: Félix Sipma <felix.sipma@no-log.org> 2016-03-07 14:41:19 +0100
committer: Joey Hess <joeyh@joeyh.name> 2016-03-07 16:32:03 -0400
commit: c9dbae56a34775b6e4e49b24535a8e6bacb0e7ce (patch)
tree: 89e0b4cdeb39a74dcfd4ea92de497af0b2162e08 /src/Propellor/Property/Firewall.hs
parent: 476e242b0fc242e36f00d3c182c557e83e92c300 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index ec814c37..fa1f95d4 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -87,6 +87,10 @@ toIpTableArg (Destination ipwm) =
 	[ "-d"
 	, intercalate "," (map fromIPWithMask ipwm)
 	]
+toIpTableArg (NatDestination ip mport) =
+	[ "--to-destination"
+	, fromIPAddr ip ++ maybe "" (\p -> ":" ++ fromPort p) mport
+	]
 toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
 
 data IPWithMask = IPWithNoMask IPAddr | IPWithIPMask IPAddr IPAddr | IPWithNumMask IPAddr Int
@@ -177,6 +181,7 @@ data Rules
 	| TCPSyn
 	| Source [ IPWithMask ]
 	| Destination [ IPWithMask ]
+	| NatDestination IPAddr (Maybe Port)
 	| Rules :- Rules   -- ^Combine two rules
 	deriving (Eq, Show)
author	Félix Sipma <felix.sipma@no-log.org>	2016-03-07 14:41:19 +0100
committer	Joey Hess <joeyh@joeyh.name>	2016-03-07 16:32:03 -0400
commit	c9dbae56a34775b6e4e49b24535a8e6bacb0e7ce (patch)
tree	89e0b4cdeb39a74dcfd4ea92de497af0b2162e08 /src/Propellor/Property/Firewall.hs
parent	476e242b0fc242e36f00d3c182c557e83e92c300 (diff)