Class: Inspec::Resources::FirewallD
- Inherits:
-
Object
- Object
- Inspec::Resources::FirewallD
- Defined in:
- lib/resources/firewalld.rb
Instance Attribute Summary
-
#params ⇒ Object
readonly
Returns the value of attribute params.
Instance Method Summary
- #default_zone ⇒ Object
- #has_port_enabled_in_zone?(query_port, query_zone = default_zone) ⇒ Boolean
- #has_rule_enabled?(rule, query_zone = default_zone) ⇒ Boolean
- #has_service_enabled_in_zone?(query_service, query_zone = default_zone) ⇒ Boolean
- #has_zone?(query_zone) ⇒ Boolean
-
#initialize ⇒ FirewallD
constructor
A new instance of FirewallD.
- #installed? ⇒ Boolean
- #running? ⇒ Boolean
- #service_ports_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
- #service_protocols_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
Constructor Details
#initialize ⇒ FirewallD
Returns a new instance of FirewallD.
# File 'lib/resources/firewalld.rb', line 38
# Builds the resource: the result of active_zones is handed to
# parse_active_zones and the parsed value is kept in @params.
def initialize
  zones = active_zones
  @params = parse_active_zones(zones)
end
Instance Attribute Details
#params ⇒ Object (readonly)
Returns the value of attribute params.
# File 'lib/resources/firewalld.rb', line 28
# Read-only accessor for the value stored in @params.
# return: whatever is currently held in @params (nil if never assigned)
def params
  @params
end
Instance Method Details
#default_zone ⇒ Object
# File 'lib/resources/firewalld.rb', line 58
# Asks firewalld_command for the default zone.
# This method is also the default for the query_zone parameter of the
# zone-scoped queries, so each call that omits the zone runs this query.
def default_zone
  # return: word associated with the name of the default zone
  # example: 'public'
  zone_name = firewalld_command('--get-default-zone')
  zone_name
end
#has_port_enabled_in_zone?(query_port, query_zone = default_zone) ⇒ Boolean
# File 'lib/resources/firewalld.rb', line 80
# Checks whether a port is reported as enabled in a zone.
# query_port: port specification handed to --query-port
# query_zone: zone name handed to --zone (defaults to default_zone)
# return: true only when firewalld_command answers exactly 'yes'
#
# Both arguments are interpolated into the command string as-is; this
# method does no quoting or escaping.
# NOTE(review): confirm callers only pass values from trusted profile code,
# or that firewalld_command sanitizes its argument.
# NOTE(review): no --permanent flag is passed, so this presumably reflects
# the runtime configuration -- confirm.
def has_port_enabled_in_zone?(query_port, query_zone = default_zone)
  answer = firewalld_command("--zone=#{query_zone} --query-port=#{query_port}")
  answer == 'yes'
end
#has_rule_enabled?(rule, query_zone = default_zone) ⇒ Boolean
# File 'lib/resources/firewalld.rb', line 84
# Checks whether a rich rule is reported as enabled in a zone.
# rule: rich-rule text; 'rule ' is prepended unless it already starts with 'rule'
# query_zone: zone name handed to --zone (defaults to default_zone)
# return: true only when firewalld_command answers exactly 'yes'
#
# The rule is wrapped in single quotes without escaping, and query_zone is
# interpolated unquoted. A rule that itself contains a single quote would
# end the quoting early.
# NOTE(review): confirm callers only pass values from trusted profile code,
# or that firewalld_command sanitizes its argument.
def has_rule_enabled?(rule, query_zone = default_zone)
  rich_rule = rule.start_with?('rule') ? rule : "rule #{rule}"
  answer = firewalld_command("--zone=#{query_zone} --query-rich-rule='#{rich_rule}'")
  answer == 'yes'
end
#has_service_enabled_in_zone?(query_service, query_zone = default_zone) ⇒ Boolean
# File 'lib/resources/firewalld.rb', line 64
# Checks whether a service is reported as enabled in a zone.
# query_service: service name handed to --query-service
# query_zone: zone name handed to --zone (defaults to default_zone)
# return: true only when firewalld_command answers exactly 'yes'
#
# Both arguments are interpolated into the command string as-is; this
# method does no quoting or escaping.
# NOTE(review): confirm callers only pass values from trusted profile code,
# or that firewalld_command sanitizes its argument.
def has_service_enabled_in_zone?(query_service, query_zone = default_zone)
  answer = firewalld_command("--zone=#{query_zone} --query-service=#{query_service}")
  answer == 'yes'
end
#has_zone?(query_zone) ⇒ Boolean
# File 'lib/resources/firewalld.rb', line 46
# Checks whether a zone name appears in the '--get-zones' output.
# query_zone: zone name to look for (exact match against one listed word)
# return: false when installed? is falsy; otherwise whether the
#         whitespace-separated zone list contains query_zone
def has_zone?(query_zone)
  if installed?
    firewalld_command('--get-zones').split(' ').include?(query_zone)
  else
    false
  end
end
#installed? ⇒ Boolean
# File 'lib/resources/firewalld.rb', line 42
# Reports whether the 'firewall-cmd' command exists on the target,
# as answered by exist? on the inspec command object.
# has_zone? and running? use this as a guard before querying firewalld.
def installed?
  firewall_cmd = inspec.command('firewall-cmd')
  firewall_cmd.exist?
end
#running? ⇒ Boolean
# File 'lib/resources/firewalld.rb', line 52
# Reports whether the '--state' query answers with a line starting 'running'.
# return: false when installed? is falsy; otherwise true/false from the match
#
# `^` anchors at the start of any line, not only the start of the string,
# so multi-line output matches if any line begins with 'running'.
# NOTE(review): confirm what firewalld_command returns when the query fails.
def running?
  return false unless installed?

  state = firewalld_command('--state')
  if state =~ /^running/
    true
  else
    false
  end
end
#service_ports_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
# File 'lib/resources/firewalld.rb', line 68
# Lists the ports reported for a service.
# query_service: service name handed to --service
# query_zone: zone name handed to --zone (defaults to default_zone)
#
# Both arguments are interpolated into the command string as-is.
# NOTE(review): --permanent is passed, so the answer presumably reflects the
# permanent configuration rather than the runtime state -- confirm before
# treating it as evidence of what is currently open.
# NOTE(review): confirm whether --zone influences a --service/--get-ports query.
def service_ports_enabled_in_zone(query_service, query_zone = default_zone)
  # return: Array of port/protocol strings (the output split on whitespace)
  # example: ['22/tcp', '4722/tcp']
  listing = firewalld_command("--zone=#{query_zone} --service=#{query_service} --get-ports --permanent")
  listing.split(' ')
end
#service_protocols_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
# File 'lib/resources/firewalld.rb', line 74
# Lists the protocols reported for a service.
# query_service: service name handed to --service
# query_zone: zone name handed to --zone (defaults to default_zone)
#
# Both arguments are interpolated into the command string as-is.
# NOTE(review): --permanent is passed, so the answer presumably reflects the
# permanent configuration rather than the runtime state -- confirm before
# treating it as evidence of what is currently allowed.
# NOTE(review): confirm whether --zone influences a --service/--get-protocols query.
def service_protocols_enabled_in_zone(query_service, query_zone = default_zone)
  # return: Array of protocol names (the output split on whitespace)
  # example: ['icmp', 'ipv4', 'igmp']
  listing = firewalld_command("--zone=#{query_zone} --service=#{query_service} --get-protocols --permanent")
  listing.split(' ')
end