Class: IPScriptables::Runtime

Inherits:

Object

• Object
• IPScriptables::Runtime

Defined in:

lib/ipscriptables/runtime.rb

Constant Summary

DEFAULT_OPTS =

{ counters: true }

Instance Attribute Summary

• #log ⇒ Object readonly

  Returns the value of attribute log.

• #opts ⇒ Object readonly

  Returns the value of attribute opts.

Instance Method Summary

• #dsl_eval(&block) ⇒ Object
• #execute! ⇒ Object

  rubocop:disable CyclomaticComplexity, MethodLength.

• #family(*families, &block) ⇒ Object
• #initialize(opts = {}, logger = nil) ⇒ Runtime constructor

  A new instance of Runtime.

• #ip6tables(&block) ⇒ Object
• #iptables(&block) ⇒ Object
• #load_file(path) ⇒ Object
• #ruleset(family) ⇒ Object

Constructor Details

#initialize(opts = {}, logger = nil) ⇒ Runtime

Returns a new instance of Runtime.

# File 'lib/ipscriptables/runtime.rb', line 12

def initialize(opts = {}, logger = nil)
  @opts = DEFAULT_OPTS.merge(opts)
  @log = logger || Logger.new($stderr)
  @evaluating = 0
  @rulesets = {}
end

Instance Attribute Details

#log ⇒ Object (readonly)

Returns the value of attribute log.

# File 'lib/ipscriptables/runtime.rb', line 10

def log
  @log
end

#opts ⇒ Object (readonly)

Returns the value of attribute opts.

# File 'lib/ipscriptables/runtime.rb', line 10

def opts
  @opts
end

Instance Method Details

#dsl_eval(&block) ⇒ Object

# File 'lib/ipscriptables/runtime.rb', line 52

def dsl_eval(&block)
  @evaluating += 1
  instance_eval(&block)
ensure
  @evaluating -= 1
end

#execute! ⇒ Object

rubocop:disable CyclomaticComplexity, MethodLength

# File 'lib/ipscriptables/runtime.rb', line 59

def execute!  # rubocop:disable CyclomaticComplexity, MethodLength
  if @evaluating != 0
    fail "I can't let you do that (DSL eval depth #{@evaluating})"
  end

  ok = true
  @rulesets.sort.each do |family, ruleset|
    if !opts.fetch(family, true)
      log.info "Skipping #{family} as requested"
    else
      diff = ruleset.diff
      if diff.to_s.empty?
        log.info "No changes for #{family}, moving along."
      else
        log.info "Changes found for #{family}"
        format = opts.fetch(:color, $stdout.tty?) ? :color : :text
        puts diff.to_s(format) unless opts[:quiet]
        if opts[:apply]
          log.info "Restoring #{family}"
          begin
            ruleset.restore!
          rescue => e
            log.error "Failure restoring #{family}: #{e}"
            ok = false
            return ok if opts[:fail_fast]
          end
        else
          log.info "Would restore #{family}"
        end
      end
    end
  end

  log.warn 'There were errors' unless ok

  ok
end

#family(*families, &block) ⇒ Object

# File 'lib/ipscriptables/runtime.rb', line 25

def family(*families, &block)
  families.each do |family|
    begin
      @evaluating += 1
      ruleset(family).dsl_eval(&block)
    ensure
      @evaluating -= 1
    end
  end
end

#ip6tables(&block) ⇒ Object

# File 'lib/ipscriptables/runtime.rb', line 40

def ip6tables(&block)
  family(:inet6, &block)
end

#iptables(&block) ⇒ Object

# File 'lib/ipscriptables/runtime.rb', line 36

def iptables(&block)
  family(:inet, &block)
end

#load_file(path) ⇒ Object

# File 'lib/ipscriptables/runtime.rb', line 44

def load_file(path)
  @evaluating += 1
  log.info "Loading configuration from #{path}"
  instance_eval(File.read(path), path)
ensure
  @evaluating -= 1
end

#ruleset(family) ⇒ Object

# File 'lib/ipscriptables/runtime.rb', line 19

def ruleset(family)
  family = family.to_sym
  @rulesets[family] ||=
    IPScriptables::Ruleset.from_system(family: family).bud(opts)
end