diff options
Diffstat (limited to 'acf/modules')
| -rw-r--r-- | acf/modules/awall.lua | 37 | ||||
| -rw-r--r-- | acf/modules/net.lua | 25 |
2 files changed, 31 insertions, 31 deletions
diff --git a/acf/modules/awall.lua b/acf/modules/awall.lua index bb9cedc..76f9943 100644 --- a/acf/modules/awall.lua +++ b/acf/modules/awall.lua @@ -6,37 +6,12 @@ See LICENSE file for license details module(..., package.seeall) local M = require('acf.model') - local object = require('acf.object') -local class = object.class -local super = object.super - - -IPv4Addr = class(M.String) -function IPv4Addr:validate(context, value) - local function test(...) - if #arg ~= 4 then return true end - for _, octet in ipairs(arg) do - if tonumber(octet) > 255 then return true end - end - end - if test(string.match(value, '(%d+)%.(%d+)%.(%d+)%.(%d+)')) then - M.error.raise(context.path, 'Invalid IP address') - end -end - -Port = class(M.Integer) -function Port:validate(txn, path, value) - super(self, Port):validate(txn, path, value) - if value < 0 or value > 65535 then M.error.raise(path, 'Invalid port') end -end -PortRange = class(M.Range) -function PortRange:init() super(self, PortRange):init{type=Port} end -Direction = class(M.String) +Direction = object.class(M.String) function Direction:init() - super(self, Direction):init{choice={'in', 'out'}} + object.super(self, Direction):init{choice={'in', 'out'}} end @@ -49,7 +24,7 @@ IPSet.family = M.String{required=true, choice={'inet', 'inet6'}} Service = M.new() Service.proto = M.String{required=true} -Service.port = M.Collection{type=PortRange} +Service.port = M.Collection{type=M.Range{type=M.net.Port}} Service['icmp-type'] = M.String -- TODO fw zone @@ -93,12 +68,12 @@ Limit.log = M.Reference{scope='../../../log'} FilterRule = M.new(PolicyRule) FilterRule['conn-limit'] = Limit FilterRule['flow-limit'] = Limit -FilterRule.dnat = IPv4Addr +FilterRule.dnat = M.net.IPv4Address FilterRule['no-track'] = M.Boolean{default=false} NATRule = M.new(Rule) -NATRule['to-addr'] = M.Range{type=IPv4Addr} -NATRule['to-port'] = PortRange +NATRule['to-addr'] = M.Range{type=M.net.IPv4Address} +NATRule['to-port'] = M.Range{type=M.net.Port} MarkRule = M.new(Rule) MarkRule.mark = M.Integer{required=true} diff --git a/acf/modules/net.lua b/acf/modules/net.lua new file mode 100644 index 0000000..447c876 --- /dev/null +++ b/acf/modules/net.lua @@ -0,0 +1,25 @@ +--[[ +Copyright (c) 2012-2013 Kaarle Ritvanen +See LICENSE file for license details +--]] + +module(..., package.seeall) + +local M = require('acf.model') + +local Host = M.new() +Host.ipaddr = M.net.IPAddress +Host.canonical = M.String +Host.alias = M.Collection{type=M.String} + +local Resolv = M.new() +Resolv.nameserver = M.Collection{type=M.net.IPAddress} +Resolv['search-domain'] = M.Collection{type=M.String, addr='search/domain'} + +local Net = M.new() +Net.hostname = M.String{addr='/augeas/etc/hostname/hostname'} +Net.hosts = M.Collection{type=Host, addr='/augeas/etc/hosts'} +Net.resolv = M.Model{model=Resolv, addr='/augeas/etc/resolv.conf'} + +M.register('net', Net) +M.permission.defaults('/net') |