From 7023d4141044d9de656f0d52e39650466d709728 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Apr 2016 15:09:08 +0200 Subject: k 3 iptables: allow REDIRECT target --- krebs/3modules/iptables.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/iptables.nix') diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 9596229d..4b99873a 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -20,6 +20,7 @@ let flatten length hasAttr + hasPrefix mkEnableOption mkOption mkIf @@ -123,7 +124,7 @@ let buildRule = tn: cn: rule: #target validation test: - assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))); + assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))) || hasPrefix "REDIRECT" rule.target; #predicate validation test: #maybe use iptables-test -- cgit v1.2.3