propellor-3.0.1: property-based host configuration management in haskell

MaintainerArnaud Bailly <arnaud.oqube@gmail.com>
Safe HaskellNone
LanguageHaskell98

Propellor.Property.Firewall

Description

Properties for configuring firewall (iptables) rules

Documentation

rule :: Chain -> Table -> Target -> Rules -> Property Linux Source

installed :: Property DebianLike Source

data Chain Source

Constructors

INPUT 
OUTPUT 
FORWARD 
PREROUTING 
POSTROUTING 
ChainCustom String 

Instances

data Table Source

Constructors

Filter 
Nat 
Mangle 
Raw 
Security 

Instances

data Target Source

Constructors

ACCEPT 
REJECT 
DROP 
LOG 
TargetCustom String 

Instances

data Proto Source

Constructors

TCP 
UDP 
ICMP 

Instances

data Rules Source

Constructors

Everything 
Proto Proto

There is actually some order dependency between proto and port so this should be a specific data type with proto + ports

DPort Port 
DPortRange (Port, Port) 
InIFace Interface 
OutIFace Interface 
Ctstate [ConnectionState] 
ICMPType ICMPTypeMatch 
RateLimit Frequency 
TCPFlags TCPFlagMask TCPFlagComp 
TCPSyn 
Source [IPWithMask] 
Destination [IPWithMask] 
NatDestination IPAddr (Maybe Port) 
Rules :- Rules infixl 0

Combine two rules

Instances

data ConnectionState Source

Constructors

ESTABLISHED 
RELATED 
NEW 
INVALID 

Instances

data ICMPTypeMatch Source

Constructors

ICMPTypeName String 
ICMPTypeCode Int 

Instances

data TCPFlag Source

Constructors

SYN 
ACK 
FIN 
RST 
URG 
PSH 
ALL 
NONE 

Instances

data Frequency Source

Constructors

NumBySecond Int 

Instances

data IPWithMask Source

Constructors

IPWithNoMask IPAddr 
IPWithIPMask IPAddr IPAddr 
IPWithNumMask IPAddr Int 

Instances

fromIPWithMask :: IPWithMask -> String Source