Firewall: add Frequency

(cherry picked from commit 26fd68a9cda543e74492dc71680d10eaa881f351)
author: Félix Sipma <felix.sipma@no-log.org> 2016-02-29 09:48:46 +0100
committer: Joey Hess <joeyh@joeyh.name> 2016-03-02 15:36:53 -0400
commit: 02edd1dca9b5554728201924a8ed786133b1c57d (patch)
tree: 907f2ec8f9d32c7a8d484a0c738fe022902584b6 /src
parent: 60a7dfeb65b72e2ef26e071c007f9d11fe9aebc2 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index 05d70f45..01664130 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -12,6 +12,7 @@ module Propellor.Property.Firewall (
 	Rules(..),
 	ConnectionState(..),
 	ICMPTypeMatch(..),
+	Frequency(..),
 	IPWithMask(..),
 	fromIPWithMask
 ) where
@@ -64,6 +65,11 @@ toIpTableArg (ICMPType i) =
 	, "icmp"
 	, "--icmp-type", fromICMPTypeMatch i
 	]
+toIpTableArg (RateLimit f) =
+	[ "-m"
+	, "limit"
+	, "--limit", fromFrequency f
+	]
 toIpTableArg (Source ipwm) =
 	[ "-s"
 	, intercalate "," (map fromIPWithMask ipwm)
@@ -177,6 +183,12 @@ fromICMPTypeMatch :: ICMPTypeMatch -> String
 fromICMPTypeMatch (ICMPTypeName t) = t
 fromICMPTypeMatch (ICMPTypeCode c) = show c
 
+data Frequency = NumBySecond Int
+	deriving (Eq, Show)
+
+fromFrequency :: Frequency -> String
+fromFrequency (NumBySecond n) = show n ++ "/second"
+
 data Rules
 	= Everything
 	| Proto Proto
@@ -188,6 +200,7 @@ data Rules
 	| OutIFace Network.Interface
 	| Ctstate [ ConnectionState ]
 	| ICMPType ICMPTypeMatch
+	| RateLimit Frequency
 	| Source [ IPWithMask ]
 	| Destination [ IPWithMask ]
 	| Rules :- Rules   -- ^Combine two rules
author	Félix Sipma <felix.sipma@no-log.org>	2016-02-29 09:48:46 +0100
committer	Joey Hess <joeyh@joeyh.name>	2016-03-02 15:36:53 -0400
commit	02edd1dca9b5554728201924a8ed786133b1c57d (patch)
tree	907f2ec8f9d32c7a8d484a0c738fe022902584b6 /src
parent	60a7dfeb65b72e2ef26e071c007f9d11fe9aebc2 (diff)