- case rule of
- Client (ports, hosts) => confLine_out (uname, rule)
- | Server (ports, hosts) => confLine_in (uname, rule)
- | LocalServer ports => (insertConfLine (uname, ruleNode, Client (ports, ["127.0.0.1/8"]));
- insertConfLine (uname, ruleNode, Server (ports, ["127.0.0.1/8"])))
- | ProxiedServer ports => if (fn FirewallNode r => r) ruleNode = Slave.hostname () then
- (insertConfLine (uname, ruleNode, Server (ports, ["$WEBNODES"]));
- insertConfLine (uname, ruleNode, Client (ports, [(fn FirewallNode r => r) ruleNode])))
- else (* we are a web server *)
- (insertConfLine (uname, ruleNode, Client (ports, [(fn FirewallNode r => r) ruleNode]));
- insertConfLine (User "www-data", ruleNode, Client (ports, [(fn FirewallNode r => r) ruleNode])))
+ let
+ val fwnode_domain = fn FirewallNode node => node ^ "." ^ Config.defaultDomain
+ in
+ case rule of
+ Client (ports, hosts) => (confLine_out (uname, rule); confLine_out_v6 (uname, rule))
+ | Server (ports, hosts) => (confLine_in (uname, rule); confLine_in_v6 (uname, rule))
+ | LocalServer ports => (insertConfLine (uname, ruleNode, Client (ports, ["127.0.0.1/8"]));
+ insertConfLine (uname, ruleNode, Server (ports, ["127.0.0.1/8"]));
+ insertConfLine (uname, ruleNode, Client (ports, [":::1"]));
+ insertConfLine (uname, ruleNode, Server (ports, [":::1"])))
+ | ProxiedServer ports => if (fn FirewallNode r => r) ruleNode = Slave.hostname () then
+ (insertConfLine (uname, ruleNode, Server (ports, ["$WEBNODES"]));
+ insertConfLine (uname, ruleNode, Client (ports, [fwnode_domain ruleNode])))
+ else (* we are a web server *)
+ (insertConfLine (uname, ruleNode, Client (ports, [fwnode_domain ruleNode]));
+ insertConfLine (User "www-data", ruleNode, Client (ports, [fwnode_domain ruleNode])))
+ end