Method: Firewool::InstanceMethods#ip_allow?

Defined in:
lib/firewool/instance_methods.rb

#ip_allow?(ip) ⇒ Boolean

Returns:

  • (Boolean) 


16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/firewool/instance_methods.rb', line 16

def ip_allow?(ip)
  firewool_config = self.class.firewool_config.yaml_config[Rails.env]

  if firewool_config['ip_restriction']
    # get our policy from the conf file
    allowed_ranges = firewool_config['allow']
    denied_ranges = firewool_config['deny']

    # default allow check
    if allowed_ranges.include?("0.0.0.0")
      # default_allow done with access_decision true first
      # allow -> deny
      access_decision = true
    else
      # without default_allow is access_decision is false by default
      # deny -> allow -> deny
      access_decision = false
    end

    client_ip = IPAddress::parse ip

    # apply allow rules
    if !allowed_ranges.nil?
      if in_range?(allowed_ranges, client_ip)
        access_decision = true
      end
    end

    # apply deny rules      
    if !denied_ranges.nil?
      if in_range?(denied_ranges, client_ip)
        access_decision = false
      end
    end

    # return our shizz
    access_decision
  end
end