Class: Asbestos::RuleSet

Inherits:

Object

• Object
• Asbestos::RuleSet

Extended by:

Forwardable

Includes:

ClassCollection

Defined in:

lib/asbestos/rule_set.rb

Direct Known Subclasses

Service

Instance Attribute Summary

• #attributes ⇒ Object readonly

  Returns the value of attribute attributes.

• #commands ⇒ Object readonly

  Returns the value of attribute commands.

• #host ⇒ Object readonly

  Returns the value of attribute host.

• #name ⇒ Object readonly

  Returns the value of attribute name.

Instance Method Summary

• #command(str) ⇒ Object

  Records a literal firewall command for this host, ignoring firewall type (iptables, ipfw, etc).

• #firewall_rules ⇒ Object

  Asks this RuleSet to generate its firewall rules.

• #from_each(froms = , &block) ⇒ Object

  Given a list of “from” objects, resolve a list of hosts or addresses.

• #from_each_address(froms = ) ⇒ Object

  Resolves a set of “from” objects into addresses.

• #initialize(name, host, template) ⇒ RuleSet constructor

  A new instance of RuleSet.

• #inspect ⇒ Object
• #method_missing(attribute, *args) ⇒ Object

  Responsible for storing and retrieving unspecified DSL calls as service attributes.

Methods included from ClassCollection

included

Constructor Details

#initialize(name, host, template) ⇒ RuleSet

Returns a new instance of RuleSet.

# File 'lib/asbestos/rule_set.rb', line 14

def initialize(name, host, template)
  @name = name
  @host = host
  @attributes = {}
  @commands = []
  @template = template
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(attribute, *args) ⇒ Object

Responsible for storing and retrieving unspecified DSL calls as service attributes.

# File 'lib/asbestos/rule_set.rb', line 117

def method_missing(attribute, *args)
  if args.empty?
    @attributes[attribute]
  else
    #
    # Certain DSL properties should be stored as arrays
    #
    if [:ports, :protocols, :groups].include? attribute
      @attributes[attribute] = [*args]
    else
      @attributes[attribute] = args.first
    end
  end
end

Instance Attribute Details

#attributes ⇒ Object (readonly)

Returns the value of attribute attributes.

# File 'lib/asbestos/rule_set.rb', line 11

def attributes
  @attributes
end

#commands ⇒ Object (readonly)

Returns the value of attribute commands.

# File 'lib/asbestos/rule_set.rb', line 12

def commands
  @commands
end

#host ⇒ Object (readonly)

Returns the value of attribute host.

# File 'lib/asbestos/rule_set.rb', line 10

def host
  @host
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/asbestos/rule_set.rb', line 9

def name
  @name
end

Instance Method Details

#command(str) ⇒ Object

Records a literal firewall command for this host, ignoring firewall type (iptables, ipfw, etc)

# File 'lib/asbestos/rule_set.rb', line 47

def command(str)
  @commands << str
end

#firewall_rules ⇒ Object

Asks this RuleSet to generate its firewall rules

# File 'lib/asbestos/rule_set.rb', line 30

def firewall_rules
  instance_eval &@template
  @commands
end

#from_each(froms = , &block) ⇒ Object

Given a list of “from” objects, resolve a list of hosts or addresses

# File 'lib/asbestos/rule_set.rb', line 63

def from_each(froms = @attributes[:from], &block)
  case froms
    when Array # a list of any of the other types
      froms.each do |from|
        from_each from, &block
      end
    when Hash # either a group or a specific host paired with an interface
      froms.each do |host_or_group, their_interface_tag|
        if [Symbol, String].include? host_or_group.class # it's a group name
          Host.groups[host_or_group].uniq.each do |group_host|
            next if group_host == @host
            yield group_host, their_interface_tag
          end
        else # it's a Host or a lazly defined Host in a proc
          host = host_or_group.is_a?(Proc) ?  host_or_group.call : host_or_group
          yield host, their_interface_tag
        end
      end
    when String, Symbol # some kind of address(es)
      if Asbestos::Address[froms]
        Asbestos::Address[froms].each do |address|
          yield address
        end
      else
        yield froms
      end
    when nil # from everyone
      yield nil
    when Host, Proc
      raise "#{@host.name}/#{name}: you specified a 'from' Host but no remote interface"
    else
      raise "#{@host.name}/#{name}: invalid 'from' object"
  end
end

#from_each_address(froms = ) ⇒ Object

Resolves a set of “from” objects into addresses

# File 'lib/asbestos/rule_set.rb', line 101

def from_each_address(froms = @attributes[:from])
  from_each(froms) do |host_or_address, remote_interface_tag|
    case host_or_address
      when Host # specific host, specific remote interface
        host_or_address.interfaces[remote_interface_tag].each do |remote_interface|
            yield host_or_address.addresses[remote_interface]
        end
      else
        yield host_or_address
    end
  end
end

#inspect ⇒ Object

# File 'lib/asbestos/rule_set.rb', line 22

def inspect
  "#{name}:#{@attributes.inspect}"
end