Class: Asbestos::Service

Inherits:

RuleSet

• Object
• RuleSet
• Asbestos::Service

Defined in:

lib/asbestos/service.rb

Instance Attribute Summary

• #attributes ⇒ Object readonly

  Returns the value of attribute attributes.

Attributes inherited from RuleSet

#commands, #host, #name

Instance Method Summary

• #firewall_rules ⇒ Object
• #initialize(name, host) ⇒ Service constructor

  A new instance of Service.

• #inspect ⇒ Object
• #open_port(args = {}) ⇒ Object

Methods inherited from RuleSet

#command, #from_each, #from_each_address, #method_missing

Methods included from ClassCollection

included

Constructor Details

#initialize(name, host) ⇒ Service

Returns a new instance of Service.

# File 'lib/asbestos/service.rb', line 9

def initialize(name, host)
  @name = name
  @host = host
  @attributes = {}
  #
  # Attribute defaults
  #
  @attributes[:protocols] = [:tcp]
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Asbestos::RuleSet

Instance Attribute Details

#attributes ⇒ Object (readonly)

Returns the value of attribute attributes.

# File 'lib/asbestos/service.rb', line 7

def attributes
  @attributes
end

Instance Method Details

#firewall_rules ⇒ Object

# File 'lib/asbestos/service.rb', line 23

def firewall_rules
  Array.new.tap do |rules|
    from_each do |host_or_address, remote_interface_tag|
      rules << open_port(:from => host_or_address, :remote_interface_tag => remote_interface_tag)
    end
  end
end

#inspect ⇒ Object

# File 'lib/asbestos/service.rb', line 19

def inspect
  "#{name}:#{[*ports].join(',')}/#{@attributes.inspect}"
end

#open_port(args = {}) ⇒ Object

# File 'lib/asbestos/service.rb', line 31

def open_port(args = {})
  interfaces = on ? host.interfaces[on] : nil # nil -> all interfaces

  Array.new.tap do |rules|
    protocols.each do |protocol|
      ports.each do |port|
        comment_base = "allow #{name}(#{protocol} port #{port}) from"
        case args[:from]
          when Host # specific host, specific remote interface
            raise "Host '#{args[:from].name}' doesn't have interface '#{args[:remote_interface_tag]}'" unless args[:from].interfaces[args[:remote_interface_tag]]
            args[:from].interfaces[args[:remote_interface_tag]].each do |remote_interface|
              comment = "#{comment_base} #{args[:from].name}:#{remote_interface} (#{args[:remote_interface_tag]})"
              rules << Asbestos.firewall.open_port(interfaces, port, protocol, comment, args[:from].addresses[remote_interface])
            end
          when Symbol, String # an address
            comment = "#{comment_base} #{args[:from]}"
            rules << Asbestos.firewall.open_port(interfaces, port, protocol, comment, args[:from])
          else
            comment = "#{comment_base} anyone"
            rules << Asbestos.firewall.open_port(interfaces, port, protocol, comment)
        end
      end
    end
  end
end