diff options
author | lassulus <lass@aidsballs.de> | 2016-11-26 19:10:02 +0100 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2016-11-26 19:10:02 +0100 |
commit | 2070da74ab09d5dacaf62c3d8a72adab41c0be37 (patch) | |
tree | fb600d626d8233ee56fb4719037be7a9ea756ec1 /krebs | |
parent | eb7d02406476e1b4002f05d4ac106593ce4e29ce (diff) |
k 3 iptables: add v4 and v6 options per rule
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/iptables.nix | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index d48ff6f2b..a4a4de6f9 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -46,6 +46,14 @@ let type = int; default = 0; }; + v4 = mkOption { + type = bool; + default = true; + }; + v6 = mkOption { + type = bool; + default = true; + }; }; }))); default = null; @@ -90,7 +98,8 @@ let buildChain = tn: cn: let - sortedRules = sort (a: b: a.precedence > b.precedence) ts."${tn}"."${cn}".rules; + filteredRules = filter (r: r."${v}") ts."${tn}"."${cn}".rules; + sortedRules = sort (a: b: a.precedence > b.precedence) filteredRules; in #TODO: double check should be unneccessary, refactor! |