IP Access Control for Ruby
This library provides classes for controlling IP access in your programs. You can use it to build your own routines for checking IP addresses against access lists or simply use altered sockets implementation which is also shipped with this library.
- Maintaining IP access lists based on rules; see IPAccess::List.
- Grouping input/output access lists into sets; IPAccess::Set.
- Automating access checks and raising exceptions; IPAccess::Set.
- Many formats of IP addresses accepted; see IPAccess.to_cidrs.
- Variants of socket handling classes with IP access control; see IPAccess::Socket and IPAccess::Net.
- Methods for patching native socket handling classes; see IPAccess.arm.
- Methods for patching single network objects; see IPAccess.arm.
- Bases on the library NetAddr and uses trees to store data.
What's in the bag?
There are two classes used to evaluate IP access:
First class maintains a list of rules and methods for checking whether given IP matches them. Second class is more general – it throws exceptions and distinguishes between incoming and outgoing IP traffic. That's because it maintains two access lists.
The classes described above do not interfere with any network classes and/or objects unless you code them to do that. However, this library also provides special variants of socket handling classes that use IPAccess::Set instances to control access of the real TCP/IP traffic in an easy way.
# load patched sockets require 'ipaccess/socket' # assume IP given by untrusted user ip_from_user = '192.168.5.5' # create new access set acl = IPAccess::Set.new # blacklist private and local subnets acl.output.block :private, :local # create TCP socket with IP access control socket = IPAccess::TCPSocket(ip_from_user, 80, acl)
- git clone git://github.com/siefca/IPAccess.git
- gem install ipaccess
See IPAccess module's documentation for more information.
Copyright (c) 2009-2014 by Paweł Wilk.
IPAccess is copyrighted software owned by Paweł Wilk (firstname.lastname@example.org). You may redistribute and/or modify this software as long as you comply with either the terms of the LGPL (see LGPL), or Ruby's license (see COPYING).
THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.