diff options
| author | lassulus <lass@aidsballs.de> | 2015-07-13 13:39:49 +0200 |
|---|---|---|
| committer | lassulus <lass@aidsballs.de> | 2015-07-16 15:47:28 +0200 |
| commit | 69e1390f32a4c427540388817ad70e69f461a76e (patch) | |
| tree | 049777923f431beab9b3fd0a5e1c3953f4418451 /old/modules/lass/iptables/options.nix | |
| parent | 7b7f7d331dd066ee9c653db611f66305783e8ff5 (diff) | |
"rebase"
Diffstat (limited to 'old/modules/lass/iptables/options.nix')
| -rw-r--r-- | old/modules/lass/iptables/options.nix | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/old/modules/lass/iptables/options.nix b/old/modules/lass/iptables/options.nix new file mode 100644 index 0000000..eb3bfc0 --- /dev/null +++ b/old/modules/lass/iptables/options.nix @@ -0,0 +1,44 @@ +{ lib, ... }: + +let + inherit (lib) mkEnableOption mkOption types; +in + +{ + enable = mkEnableOption "iptables"; + + #tables.filter.INPUT = { + # policy = "DROP"; + # rules = [ + # { predicate = "-i retiolum"; target = "ACCEPT"; priority = -10; } + # ]; + #}; + #new api + tables = mkOption { + type = with types; attrsOf (attrsOf (submodule ({ + options = { + policy = mkOption { + type = str; + default = "-"; + }; + rules = mkOption { + type = nullOr (listOf (submodule ({ + options = { + predicate = mkOption { + type = str; + }; + target = mkOption { + type = str; + }; + precedence = mkOption { + type = int; + default = 0; + }; + }; + }))); + default = null; + }; + }; + }))); + }; +} |