module Iptables.Types where
import Data.Set
import Data.Word
data Iptables = Iptables { tFilter :: [Chain]
, tNat :: [Chain]
, tMangle :: [Chain]
, tRaw :: [Chain]
}
deriving (Show, Eq)
data Chain = Chain { cName :: String
, cPolicy :: Policy
, cCounters :: Counters
, cRules :: [Rule]
}
deriving (Show)
instance Eq Chain where
(==) (Chain name1 policy1 _ rules1) (Chain name2 policy2 _ rules2) =
(name1 == name2) && (policy1 == policy2) && (rules1 == rules2)
data Policy = ACCEPT
| DROP
| PUNDEFINED
deriving (Show, Eq)
data Counters = Counters { cPackets :: Integer
, cBytes :: Integer
}
deriving (Show, Eq)
data Rule = Rule { rCounters :: Counters
, rOptions :: [RuleOption]
, rTarget :: RuleTarget
}
deriving (Show)
instance Eq Rule where
(==) (Rule _ opts1 tar1) (Rule _ opts2 tar2) = (opts1 == opts2) && (tar1 == tar2)
data RuleTarget = TAccept
| TDrop
| TReject RejectType
| TReturn
| TSNat NatAddress Bool Bool
| TDNat NatAddress Bool Bool
| TMasquerade NatPort Bool
| TRedirect NatPort Bool
| TUChain String
| TUnknown String [String]
deriving (Show, Eq)
data RejectType = RTNetUnreachable
| RTHostUnreachable
| RTPortUnreachable
| RTProtoUnreachable
| RTNetProhibited
| RTHostProhibited
| RTAdminProhibited
| RTTcpReset
deriving (Show, Eq)
data NatAddress = NAIp Word32 Word32
| NAIpPort Word32 Word32 Int Int
deriving (Show, Eq)
data NatPort = NatPort Int Int
| NatPortDefault
deriving (Show, Eq)
data RuleOption = OProtocol Bool Protocol
| OSource Bool Addr
| ODest Bool Addr
| OInInt Bool Interface
| OOutInt Bool Interface
| OState (Set CState)
| OFragment Bool
| OSourcePort Bool Port
| ODestPort Bool Port
| OTcpFlags Bool TcpFlags
| OSyn Bool
| OTcpOption Bool Int
| OIcmpType Bool Int
| OModule Module
| OLimit Bool Limit
| OLimitBurst Int
| OMacSource Bool String
| OMark Int Int
| OPort Bool Port
| OUidOwner Bool Int
| OGidOwner Bool Int
| OSidOwner Bool Int
| OTos Int
| OTtl Int
| OPhysDevIn Bool Interface
| OPhysDevOut Bool Interface
| OPhysDevIsIn Bool
| OPhysDevIsOut Bool
| OPhysDevIsBridged Bool
| OComment String
| OUnknown String Bool [String]
deriving (Show, Eq)
type Protocol = String
data Addr = AddrIP Word32
| AddrMask Word32 Word32
| AddrPref Word32 Int
deriving (Show, Eq)
data Interface = Interface String
deriving (Show, Eq)
data Port = Port [Int]
| PortRange Int Int
deriving (Show, Eq)
data TcpFlags = TcpFlags [Flag] [Flag]
deriving (Show, Eq)
data Flag = FSyn
| FAck
| FFin
| FRst
| FUrg
| FPsh
| FAll
| FNone
deriving (Show, Eq)
data Limit = Limit String
deriving (Show, Eq)
data CState = CStInvalid
| CStEstablished
| CStNew
| CStRelated
| CStUntracked
deriving (Show, Eq, Ord)
data Module = ModTcp
| ModUdp
| ModLimit
| ModMac
| ModMark
| ModMultiport
| ModOwner
| ModState
| ModTos
| ModTtl
| ModPhysDev
| ModComment
| ModOther String
deriving (Show, Eq)
data FilterChainType = FilterInvalidChain
| FilterValidChain
deriving (Show, Eq)
data NatChainType = NatUnknownChain
| NatInvalidChain
| NatDNatChain
| NatSNatChain
deriving (Show, Eq, Ord)