3 lass.iptables: sort rules by precedence
This commit is contained in:
lassulus
parent
e478f140e0
commit
7f30f58a3e
|
|
@ -95,10 +95,12 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
#buildTable :: iptablesAttrSet` -> str
|
#buildTable :: iptablesVersion -> iptablesAttrSet` -> str
|
||||||
#todo: differentiate by iptables-version
|
#todo: differentiate by iptables-version
|
||||||
buildTables = iptv: ts:
|
buildTables = v: ts:
|
||||||
let
|
let
|
||||||
|
sortedTable = sort (a: b: a.precedence < b.precedence) ts;
|
||||||
|
|
||||||
declareChain = t: cn:
|
declareChain = t: cn:
|
||||||
#TODO: find out what to do whit these count numbers
|
#TODO: find out what to do whit these count numbers
|
||||||
":${cn} ${t."${cn}".policy} [0:0]";
|
":${cn} ${t."${cn}".policy} [0:0]";
|
||||||
|
|
@ -106,7 +108,6 @@ let
|
||||||
buildChain = tn: cn:
|
buildChain = tn: cn:
|
||||||
#"${concatStringsSep " " ((attrNames t."${cn}") ++ [cn])}";
|
#"${concatStringsSep " " ((attrNames t."${cn}") ++ [cn])}";
|
||||||
|
|
||||||
#TODO: sort by precedence
|
|
||||||
#TODO: double check should be unneccessary, refactor!
|
#TODO: double check should be unneccessary, refactor!
|
||||||
if (hasAttr "rules" ts."${tn}"."${cn}") then
|
if (hasAttr "rules" ts."${tn}"."${cn}") then
|
||||||
if (ts."${tn}"."${cn}".rules == null) then
|
if (ts."${tn}"."${cn}".rules == null) then
|
||||||
|
|
@ -144,7 +145,7 @@ let
|
||||||
"\nCOMMIT";
|
"\nCOMMIT";
|
||||||
in
|
in
|
||||||
concatStringsSep "\n" ([]
|
concatStringsSep "\n" ([]
|
||||||
++ map buildTable (attrNames ts)
|
++ map buildTable (attrNames sortedTable)
|
||||||
);
|
);
|
||||||
|
|
||||||
#=====
|
#=====
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue