Class: IPTables::Tables

Inherits:
Object
  • Object
Defined in:
lib/iptables/tables.rb

Constant Summary

@@parse_table_regex =

Example: *filter

/^\*(\S+)$/
@@parse_comment_regex =

Example: # Generated by iptables-save v1.4.4 on Wed Sep 26 18:38:44 2012

/^#/

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(input, config = nil) ⇒ Tables

Returns a new instance of Tables.



# File 'lib/iptables/tables.rb', line 13

# Builds the table set from either a policy Hash or iptables-save style text.
#
# @param input [Hash, String] a Hash mapping table names to table definitions
#   (a nil or false value is stored unchanged instead of being built into a
#   Table), or a String that is split on newlines and handed to #parse
# @param config [Object, nil] stored as-is and exposed through #config
# @raise [RuntimeError] when input is neither a Hash nor a String
def initialize(input, config=nil)
  @config = config
  $log.debug('init IPTables')
  @tables = {}

  if input.is_a?(Hash)
    # Walk the names in sorted order so construction order is stable.
    input.keys.sort.each do |table_name|
      table_info = input[table_name]
      # nil and false are placeholders: keep them verbatim, build nothing.
      @tables[table_name] = table_info ? Table.new(table_name, self, table_info) : table_info
    end
  elsif input.is_a?(String)
    self.parse(input.split(/\n/))
  else
    # Unknown input types are rejected outright rather than ignored.
    raise "don't know how to handle input: #{input.inspect}"
  end
end

Instance Attribute Details

#config ⇒ Object (readonly)

The main iptables object, encompassing all tables, their chains, their rules, etc



# File 'lib/iptables/tables.rb', line 6

# Read-only accessor for the configuration object stored in @config.
#
# @return [Object, nil] whatever was passed as +config+ to the constructor
def config
  return @config
end

#tables ⇒ Object (readonly)

The main iptables object, encompassing all tables, their chains, their rules, etc



# File 'lib/iptables/tables.rb', line 6

# Read-only accessor for the table collection stored in @tables.
#
# @return [Hash] table name => table object; the constructor also stores
#   nil or false placeholders as values
def tables
  return @tables
end

Instance Method Details

#as_array(comments = true) ⇒ Object



# File 'lib/iptables/tables.rb', line 39

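# Renders every table as iptables-save style lines.
#
# Tables are emitted in sorted name order. Each one contributes a "*name"
# header, the lines returned by its own #as_array, and a closing "COMMIT".
#
# @param comments [Boolean] forwarded unchanged to each table's #as_array
# @return [Array<String>] the combined lines; empty when no table is rendered
def as_array(comments = true)
  $log.debug('IPTables array')
  @tables.keys.sort.each_with_object([]) do |name, lines|
    table = @tables[name]
    $log.debug("#{name}: #{table}")
    # The constructor stores both nil and false as placeholders. Neither one
    # responds to #as_array, so skip both; checking only for nil would raise
    # NoMethodError on a false entry instead of producing a ruleset.
    next unless table
    lines << '*' + name
    lines.concat(table.as_array(comments))
    lines << 'COMMIT'
  end
end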

#get_node_additions(table_name, chain_name) ⇒ Object



# File 'lib/iptables/tables.rb', line 88

# Looks up the node additions a given table holds for a chain.
#
# @param table_name [Object] key into the table collection
# @param chain_name [Object] passed through to the table's own lookup
# @return [Object, nil] the table's answer, or nil when the table name is
#   unknown or its entry is not exactly an IPTables::Table (for example a
#   nil or false placeholder)
def get_node_additions(table_name, chain_name)
  $log.debug("finding additions for table #{table_name}, chain #{chain_name}")
  # Check key presence first so the class check only runs on known names.
  known = @tables.key?(table_name) && @tables[table_name].instance_of?(IPTables::Table)
  return nil unless known
  @tables[table_name].get_node_additions(chain_name)
end

#merge(merged) ⇒ Object



# File 'lib/iptables/tables.rb', line 53

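# Merges another policy into this one, table by table.
#
# For every entry of +merged.tables+:
# * +false+ removes the table of that name from the receiver;
# * +nil+ is ignored;
# * anything else is merged into the receiver's table of that name, or
#   adopted as-is when the receiver holds no usable table under that name.
#
# Afterwards each IPTables::Table held by the receiver is asked to
# apply_additions(merged).
#
# @param merged [IPTables::Tables] the policy to merge in
# @raise [RuntimeError] when merged is not exactly an IPTables::Tables
def merge(merged)
  raise "must merge another IPTables::Tables" unless merged.class == IPTables::Tables
  merged.tables.each do |table_name, table_object|
    $log.debug("merging table #{table_name}")

    case table_object
    when false
      # A false entry in the incoming policy drops the whole table here, so
      # the source of +merged+ has to be as trusted as the firewall itself.
      $log.debug("deleting table #{table_name}")
      @tables.delete(table_name)
      next
    when nil
      next
    end

    # only a Table is expected from here onwards

    existing = @tables[table_name]
    if existing
      # merged table
      existing.merge(table_object)
    else
      # new table: the receiver had no entry, or only a nil/false placeholder.
      # Testing for nil alone would call #merge on a false placeholder and
      # raise NoMethodError. The object is stored by reference, not copied.
      @tables[table_name] = table_object
    end
  end

  # find and apply any node rule addition points
  @tables.each do |name, table|
    next unless table.class == IPTables::Table
    $log.debug("applying additions to table #{name}")
    table.apply_additions(merged)
  end
end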

#parse(lines) ⇒ Object



# File 'lib/iptables/tables.rb', line 95

# Parses iptables-save style lines into Table objects.
#
# Comment lines and the literal line 'COMMIT' are skipped. A "*name" line
# starts a new IPTables::Table, which parses the remaining lines itself and
# returns how many it used. Any other line raises, so unrecognised input is
# never silently dropped.
#
# @param lines [Array<String>] the input, one line per element
# @raise [RuntimeError] on an unrecognised line, or when no table was found
def parse(lines)
  cursor = 0
  until cursor >= lines.length
    current = lines[cursor]
    # Step past the current line before any table parser takes over.
    cursor += 1

    case current
    when @@parse_comment_regex, 'COMMIT'
      # ignored
    when @@parse_table_regex
      table_name = $1
      @tables[table_name] = IPTables::Table.new(table_name, self)
      # The table reports how many of the remaining lines it used.
      cursor += @tables[table_name].parse(lines[cursor..-1])
    else
      raise "unhandled line: #{current}"
    end
  end
  raise 'no tables found' unless @tables.any?
end