Class: IPScriptables::Ruleset
- Inherits:
-
Object
- Object
- IPScriptables::Ruleset
- Extended by:
- Forwardable
- Includes:
- Enumerable, Helpers
- Defined in:
- lib/ipscriptables/ruleset.rb,
lib/ipscriptables/pretty_print.rb,
lib/ipscriptables/ruleset/class_methods.rb
Methods included from Helpers
ohai, run_command
Constructor Details
#initialize(opts = {}, &block) ⇒ Ruleset
Returns a new instance of Ruleset.
# File 'lib/ipscriptables/ruleset.rb', line 19
# Creates an empty ruleset and, when a block is given, configures it
# through the DSL.
#
# @param opts [Hash] options; stored in @opts wrapped in a Hashie::Mash
# @yield optional configuration block, handed to #dsl_eval
def initialize(opts = {}, &block)
  @opts = Hashie::Mash[opts]
  @tables = Hashie::Mash.new
  return unless block_given?

  dsl_eval(&block)
end
|
Dynamic Method Handling
This class handles dynamic methods through the method_missing method
#method_missing(meth, *args, &block) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 37
# Forwards unknown calls to @opts when @opts responds to them; every
# other call goes to super and raises as usual.
#
# NOTE(review): @opts is a Hashie::Mash, which presumably also answers
# suffixed names such as `foo?` or `foo=`. If so, a mistyped DSL call of
# that shape is absorbed here instead of raising - confirm against the
# Hashie version in use.
#
# @param meth [Symbol] name of the missing method
# @param args [Array] arguments passed through unchanged
# @return [Object] whatever @opts returns for the forwarded call
def method_missing(meth, *args, &block)
  return super unless @opts.respond_to?(meth)

  @opts.send(meth, *args, &block)
end
|
Instance Attribute Details
#opts ⇒ Object
Returns the value of attribute opts.
# File 'lib/ipscriptables/ruleset.rb', line 12
# Reader for the options this ruleset was built with.
#
# @return [Object] the value of @opts (set in #initialize)
def opts
@opts
end
|
Class Method Details
.from_command(*args) ⇒ Object
# File 'lib/ipscriptables/ruleset/class_methods.rb', line 44
# Runs a command through Helpers.run_command and parses its output with
# from_s. A trailing Hash argument is taken as options; the remaining
# arguments form the command, which is also recorded under :command.
#
# NOTE(review): the arguments reach Helpers.run_command unchanged. Whether
# that helper spawns the process without a shell is not visible here -
# confirm before passing anything caller-controlled.
#
# @param args [Array] command words, optionally followed by an options Hash
# @return [Object] the result of from_s
def from_command(*args)
  options = {}
  options = args.pop if args.last.is_a?(Hash)
  output = Helpers.run_command(*args)
  from_s(output, options.merge(command: args))
end
|
.from_file(path, opts = {}) ⇒ Object
# File 'lib/ipscriptables/ruleset/class_methods.rb', line 8
# Opens the file at path, parses it with from_io and closes it again,
# whether or not parsing raised.
#
# @param path [String] file holding iptables-save formatted text
# @param opts [Hash] options passed on to from_io
# @return [Object] the result of from_io
def from_file(path, opts = {})
  File.open(path) { |file| from_io(file, opts) }
end
|
.from_io(io, opts = {}) ⇒ Object
Also known as:
from_s
rubocop:disable CyclomaticComplexity, MethodLength, LineLength
# File 'lib/ipscriptables/ruleset/class_methods.rb', line 15
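# Parses iptables-save formatted text into a new ruleset.
#
# Lines are stripped and then matched against these shapes:
#   "# ..."                       comment, ignored
#   "*name"                       opens a table
#   ":CHAIN POLICY [pkts:bytes]"  declares a chain in the open table
#   "[pkts:bytes] -A CHAIN rule"  appends a rule (the counters are optional)
#   "COMMIT"                      closes the open table
# Any other line raises, so unrecognised input is rejected instead of being
# skipped silently.
#
# Chain names are matched as any run of non-whitespace characters, because
# iptables allows names such as DOCKER-USER that \w+ does not cover.
#
# @param io [#each_line] source of iptables-save text (an IO or a String)
# @param opts [Hash] options for the new ruleset; skip_builtin_chains: true
#   is always merged in
# @return [Object] the populated ruleset
# @raise [RuntimeError] on an unparsable line, a table opened inside another
#   table, a COMMIT without a table, or a chain/rule line outside a table
def from_io(io, opts = {})
  rs = new(opts.merge(skip_builtin_chains: true))
  table = nil
  io.each_line do |raw|
    ln = raw.strip
    case ln
    when /^#/
      # comment line: nothing to record
    when /^\*(.*)/
      fail 'Table started before COMMIT of the previous table' unless table.nil?
      table = rs.table(Regexp.last_match(1))
    when /^:(\S+) (\w+|-) \[(\d+):(\d+)\]$/
      m = Regexp.last_match
      # Without this guard a stray chain line surfaced as NoMethodError on nil.
      fail "Chain declared outside of a table: #{ln}" if table.nil?
      table.chain m[1], m[2], [m[3].to_i, m[4].to_i]
    when /^(\[(\d+):(\d+)\] )?-A (\S+) (.*)/
      m = Regexp.last_match
      fail "Rule outside of a table: #{ln}" if table.nil?
      ch = table[m[4]]
      # Counters are only present when the line starts with "[pkts:bytes] ".
      counters = m[1] ? [m[2].to_i, m[3].to_i] : nil
      ch.rule(Rule.new(ch, m[5], counters))
    when /^COMMIT$/
      fail 'COMMIT without table' if table.nil?
      table = nil
    else
      fail "Cannot parse iptables-save line: #{ln}"
    end
  end
  rs
end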
|
.from_ip6tables(opts = {}) ⇒ Object
# File 'lib/ipscriptables/ruleset/class_methods.rb', line 62
# Loads the IPv6 ruleset via from_system with family forced to :inet6.
#
# @param opts [Hash] extra options; a :family entry is overridden
# @return [Object] the result of from_system
def from_ip6tables(opts = {})
  v6_opts = opts.merge(family: :inet6)
  from_system(v6_opts)
end
|
.from_iptables(opts = {}) ⇒ Object
# File 'lib/ipscriptables/ruleset/class_methods.rb', line 58
# Loads the IPv4 ruleset via from_system with family forced to :inet.
#
# @param opts [Hash] extra options; a :family entry is overridden
# @return [Object] the result of from_system
def from_iptables(opts = {})
  v4_opts = opts.merge(family: :inet)
  from_system(v4_opts)
end
|
.from_system(opts = {}) ⇒ Object
# File 'lib/ipscriptables/ruleset/class_methods.rb', line 49
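# Loads the live ruleset by running the save command for the requested
# address family and parsing its output.
#
# The family defaults to :inet. The caller's hash is left untouched: the
# effective family is merged into a copy before it is passed on.
#
# @param opts [Hash] options; :family may be :inet or :inet6
# @return [Object] the result of from_command
# @raise [NotImplementedError] for any other family
def from_system(opts = {})
  family = opts[:family] || :inet
  effective = opts.merge(family: family)
  case family
  when :inet then from_command 'iptables-save', '-c', effective
  when :inet6 then from_command 'ip6tables-save', '-c', effective
  else fail NotImplementedError, "Unknown family #{family}"
  end
end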
|
Instance Method Details
#bud(opts = {}, &block) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 45
# Builds a child ruleset that records this one as its :original and starts
# with the same tables and chains (name, policy and counters). Rules are
# not copied by this method.
#
# When this ruleset has a family set, it replaces any :family in opts.
#
# @param opts [Hash] options for the child ruleset
# @yield optional DSL block evaluated against the child
# @return [Object] the child ruleset
def bud(opts = {}, &block)
  child_opts = opts.merge(skip_builtin_chains: true, original: self)
  child_opts[:family] = self.opts.family if self.opts.family?
  offspring = self.class.new(child_opts)
  each do |tbl|
    copy = offspring.table(tbl.name)
    tbl.each { |ch| copy.chain(ch.name, ch.policy, ch.counters) }
  end
  Docile.dsl_eval(offspring, &block) if block_given?
  offspring
end
|
#diff(from = nil) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 79
# Diffs the rendered text of another ruleset against this one's.
#
# @param from [Object, nil] ruleset to compare against; falls back to
#   `original` when omitted
# @return [Diffy::Diff] diff from the baseline's render to this render
# @raise [RuntimeError] when there is neither an argument nor an original
def diff(from = nil)
  baseline = from || original
  fail 'Need something to diff against' unless baseline

  Diffy::Diff.new(baseline.render, render)
end
|
#dsl_eval(&block) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 25
# Evaluates the given block as DSL code against this ruleset by handing
# both to Docile.dsl_eval.
#
# @yield DSL block to run with this ruleset as the DSL object
# @return [Object] whatever Docile.dsl_eval returns
def dsl_eval(&block)
Docile.dsl_eval(self, &block)
end
|
#inherit(table, *names, &block) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 71
# Delegates to the named table's own #inherit.
#
# @param table [Object] key of the table, looked up with self[table]
# @param names [Array] passed through to the table's #inherit
# @return [Object] whatever the table's #inherit returns
def inherit(table, *names, &block)
  target = self[table]
  target.inherit(*names, &block)
end
|
#inspect ⇒ Object
# File 'lib/ipscriptables/pretty_print.rb', line 5
# Short debugging representation: the class name followed by the #inspect
# output of every element, comma separated.
#
# @return [String]
def inspect
  members = map(&:inspect).join(', ')
  "#<#{self.class} [#{members}]>"
end
|
#load_file(path) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 29
# Reads the file at path and evaluates its contents as Ruby inside the DSL
# block; path is also passed to instance_eval as the file name to report.
#
# SECURITY: instance_eval runs the whole file as code with the privileges
# of the calling process. This is code execution by design, not parsing,
# so only load rule files whose contents and permissions you control.
# NOTE(review): nothing here checks the ownership or mode of path -
# confirm that callers do, especially if the tool runs as root.
#
# @param path [String] Ruby DSL file to execute
# @return [Object] whatever dsl_eval returns
def load_file(path)
dsl_eval { instance_eval(File.read(path), path) }
end
|
#pretty_print(q) ⇒ Object
# File 'lib/ipscriptables/pretty_print.rb', line 9
# Pretty-print hook: prints an address group for this object and, inside
# it, every element separated by breakable positions at an indent of 2.
#
# @param q [Object] the pretty-printer passed in by pp
def pretty_print(q)
  line_break = -> { q.breakable }
  q.object_address_group(self) do
    q.group(2) do
      q.breakable
      q.seplist(self, line_break) { |item| q.pp(item) }
    end
  end
end
|
#render ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 75
# Renders every element, joins the results with newlines and ends the
# text with one trailing newline.
#
# @return [String]
def render
  body = map(&:render).join("\n")
  body << "\n"
end
|
#respond_to?(meth) ⇒ Boolean
# File 'lib/ipscriptables/ruleset.rb', line 33
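# Reports true for the object's own methods and for anything @opts
# responds to, mirroring what #method_missing forwards.
#
# Accepts the optional second argument of Object#respond_to?, so that
# two-argument calls no longer raise ArgumentError. It is passed to super
# only; @opts is still asked about public methods.
#
# @param meth [Symbol, String] method name to check
# @param include_all [Boolean] also consider private methods of this object
# @return [Boolean]
def respond_to?(meth, include_all = false)
  super || @opts.respond_to?(meth)
end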
|
#restore! ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 85
# Writes the rendered ruleset to the standard input of the restore command
# and raises when that command exits unsuccessfully.
#
# The command is passed to IO.popen as an Array, so the program is started
# directly rather than through a shell.
#
# @return [nil]
# @raise [RuntimeError] when the restore command reports failure
# @raise [NotImplementedError] from restore_command for an unsupported family
def restore!
  cmd = restore_command
  IO.popen(cmd, 'w') { |pipe| pipe.write(render) }
  status = $?
  return if status.success?

  fail "Failure in #{cmd.join(' ').inspect}: #{status}"
end
|
#restore_command ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 94
# Picks the restore program for this ruleset's address family. Both
# variants are invoked with -c.
#
# @return [Array<String>] command words for IO.popen
# @raise [NotImplementedError] when opts[:family] is neither :inet nor :inet6
def restore_command
  family = opts[:family]
  if :inet == family
    %w[iptables-restore -c]
  elsif :inet6 == family
    %w[ip6tables-restore -c]
  else
    fail NotImplementedError, "Unsupported family #{family.inspect}"
  end
end
|
#table(name, &block) ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 63
# Looks up or creates the table called name. An existing table has the
# block evaluated against it through Docile; otherwise a new Table is
# built with the block and stored under name.
#
# @param name [Object] table key
# @yield DSL block for the table
# @return [Object] Docile's result for an existing table, else the new Table
def table(name, &block)
  return Docile.dsl_eval(@tables[name], &block) if @tables.key?(name)

  self[name] = Table.new(name, self, &block)
end
|
#to_ary ⇒ Object
# File 'lib/ipscriptables/ruleset.rb', line 59
# Implicit array conversion: returns the values stored in @tables.
#
# @return [Array] the table objects, without their keys
def to_ary
@tables.values
end
|