Diffstat (limited to 'acf/modules/awall.lua')
-rw-r--r--acf/modules/awall.lua44
1 files changed, 20 insertions, 24 deletions
diff --git a/acf/modules/awall.lua b/acf/modules/awall.lua
index 91b6a84..9e456da 100644
--- a/acf/modules/awall.lua
+++ b/acf/modules/awall.lua
@@ -28,7 +28,7 @@ IPSet.range = M.Range{type=M.net.IPv4Address}
local Service = M.new()
Service.proto = M.String{required=true, ui_name='Protocol'}
-Service.port = M.Collection{type=M.Range{type=M.net.Port}}
+Service.port = M.Set{type=M.Range{type=M.net.Port}}
Service['icmp-type'] = M.String{ui_name='ICMP type'}
Service['ct-helper'] = M.String{ui_name='Connection tracking helper'}
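Review bot: Nothing next to `Service.port` says why it becomes an `M.Set` while other fields in this commit become `M.List`, and the definitions of both types are outside this diff. In a firewall model that distinction matters to later editors, because moving an order-dependent rule container to an unordered type could presumably change which rule is evaluated first. A short comment above the first use would cover it, e.g. `-- M.Set: unordered, unique members; M.List: member order is significant and preserved`, assuming that is what the two types guarantee. The same applies to the Set/List choices in the later hunks at `Rule`, `FilterRule.related` and the `AWall` fields.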
@@ -51,22 +51,22 @@ LogClass.threshold = M.Integer
local IPSetReference = M.new()
IPSetReference.name = M.Reference{scope='../../../ipset', required=true}
-IPSetReference.args = M.Collection{
+IPSetReference.args = M.List{
type=Direction, required=true, ui_name='Arguments'
}
local Rule = M.new()
-Rule['in'] = M.Collection{
+Rule['in'] = M.Set{
type=M.Reference{scope='../../../zone'}, ui_name='Ingess zones'
}
-Rule.out = M.Collection{
+Rule.out = M.Set{
type=M.Reference{scope='../../../zone'}, ui_name='Egress zones'
}
-Rule.src = M.Collection{type=M.String, ui_name='Sources'}
-Rule.dest = M.Collection{type=M.String, ui_name='Destinations'}
+Rule.src = M.Set{type=M.String, ui_name='Sources'}
+Rule.dest = M.Set{type=M.String, ui_name='Destinations'}
Rule.ipset = M.Model{model=IPSetReference, ui_name='IP set'}
Rule.ipsec = Direction{ui_name='Require IPsec'}
-Rule.service = M.Collection{type=M.Reference{scope='../../../service'}}
+Rule.service = M.Set{type=M.Reference{scope='../../../service'}}
Rule.action = M.String{choice={'accept'}}
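Review bot: The label on the context line directly under the changed `Rule['in']` reads `ui_name='Ingess zones'`, which looks like a misspelling in a user-facing string. Since this hunk already rewrites that declaration, it is the natural place to correct it to `ui_name='Ingress zones'`. The `Egress zones` label on `Rule.out` is spelled correctly, so only this one needs the change.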
@@ -89,7 +89,7 @@ FilterRule['conn-limit'] = M.Model{model=Limit, ui_name='Connection limit'}
FilterRule['flow-limit'] = M.Model{model=Limit, ui_name='Flow limit'}
FilterRule.dnat = M.net.IPv4Address{ui_name='DNAT target'}
FilterRule['no-track'] = M.Boolean{default=false, ui_name='CT bypass'}
-FilterRule.related = M.Collection{type=Rule, ui_name='Related packet rules'}
+FilterRule.related = M.List{type=Rule, ui_name='Related packet rules'}
local DivertRule = M.new(Rule)
DivertRule['to-port'] = M.Range{type=M.net.Port, ui_name='Target port'}
@@ -106,40 +106,36 @@ ClampMSSRule.mss = M.Integer{ui_name='MSS'}
local AWall = M.new()
-- TODO differentiate lists?
-AWall.service = M.Collection{type=M.Collection{type=Service}}
+AWall.service = M.Collection{type=M.List{type=Service}}
AWall.zone = M.Collection{type=Zone}
AWall.log = M.Collection{
type=LogClass, ui_name='Log classes', ui_member='Log class'
}
-AWall.policy = M.Collection{
- type=PolicyRule, ui_name='Policies', ui_member='Policy'
-}
-AWall['packet-log'] = M.Collection{
+AWall.policy = M.List{type=PolicyRule, ui_name='Policies', ui_member='Policy'}
+AWall['packet-log'] = M.List{
type=PacketLogRule, ui_name='Logging', ui_member='Logging rule'
}
-AWall.filter = M.Collection{type=FilterRule}
-AWall.dnat = M.Collection{type=NATRule, ui_name='DNAT', ui_member='DNAT rule'}
-AWall.snat = M.Collection{type=NATRule, ui_name='SNAT', ui_member='SNAT rule'}
-AWall.mark = M.Collection{
+AWall.filter = M.List{type=FilterRule}
+AWall.dnat = M.List{type=NATRule, ui_name='DNAT', ui_member='DNAT rule'}
+AWall.snat = M.List{type=NATRule, ui_name='SNAT', ui_member='SNAT rule'}
+AWall.mark = M.List{
type=MarkRule, ui_name='Packet marking', ui_member='Packet marking rule'
}
-AWall['route-track'] = M.Collection{
+AWall['route-track'] = M.List{
type=MarkRule, ui_name='Route tracking', ui_member='Route tracking rule'
}
-AWall.tproxy = M.Collection{
+AWall.tproxy = M.List{
type=DivertRule,
ui_name='Transparent proxy',
ui_member='Transparent proxy rule'
}
-AWall['clamp-mss'] = M.Collection{
+AWall['clamp-mss'] = M.List{
type=ClampMSSRule, ui_name='MSS clamping', ui_member='MSS clamping rule'
}
-AWall['no-track'] = M.Collection{
+AWall['no-track'] = M.List{
type=Rule, ui_name='CT bypass', ui_member='Connection tracking bypass rule'
}
-AWall.ipset = M.Collection{
- type=IPSet, ui_name='IP sets', ui_member='IP set'
-}
+AWall.ipset = M.Collection{type=IPSet, ui_name='IP sets', ui_member='IP set'}
M.register(
'awall',
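Review bot: The `-- TODO differentiate lists?` comment above `AWall.service` is left in place although this hunk does exactly that for most of the `AWall` fields. `AWall.zone`, `AWall.log`, `AWall.ipset` and the outer `AWall.service` stay `M.Collection`, so a reader cannot tell whether they were reviewed and kept on purpose or are what the TODO still refers to. Either drop the comment or narrow it to what remains open, e.g. `-- zone, log and ipset are looked up by name, hence M.Collection`, if that is the reason. The `M.register(` call at the end of the hunk continues outside it.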