Class: IptablesWeb::Iptables

Inherits:
Object
  • Object
Includes:
Mixin::Sudo
Defined in:
lib/iptables_web/iptables.rb

Instance Method Summary

Methods included from Mixin::Sudo

#execute, #is_root?

Instance Method Details

#combine(rules) ⇒ Object



# File 'lib/iptables_web/iptables.rb', line 33

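# Builds the iptables-restore input as an array of lines and table sections.
#
# Static filter rules come first, followed by +rules+ (each converted with
# +to_s+). Blank entries are dropped and duplicates are removed. When at least
# one filter rule remains, a +*filter+ section is emitted whose INPUT policy is
# DROP and whose FORWARD and OUTPUT policies are ACCEPT. Every other static
# table is then appended as its own +*table+ ... +COMMIT+ section.
#
# @param rules [Array<#to_s>, #to_s, nil] access rules for the filter table
# @return [Array<String>] ruleset lines; empty when there is nothing to load
def combine(rules)
  # Work on a shallow copy. Hash#delete on the object returned by #static_rules
  # would remove the 'filter' entry from that hash itself; if the hash is shared
  # or memoized (not visible from here), every later call would silently lose
  # the static filter rules.
  tables = static_rules.dup
  static_filter = tables.delete('filter')

  # NOTE(review): rules are emitted verbatim. An entry that contains a line
  # break becomes several lines of iptables-restore input, so rules that
  # originate outside this host should be validated before they reach here.
  filter_rules = Array(static_filter) | Array(rules).map(&:to_s)
  filter_rules.reject! { |r| r.strip.empty? }

  lines = []
  unless filter_rules.empty?
    lines << '*filter'
    lines << ':INPUT DROP [0:0]'
    lines << ':FORWARD ACCEPT [0:0]'
    lines << ':OUTPUT ACCEPT [0:0]'
    # Array#| keeps first occurrences only, so a rule repeated in the static
    # set and in +rules+ is written once.
    lines |= filter_rules
    lines << "COMMIT\n"
  end

  tables.each do |chain, sub_rules|
    lines << "*#{chain}"
    lines << sub_rules.join("\n").strip
    lines << "COMMIT\n"
  end
  lines
end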

#render(rules) ⇒ Object



# File 'lib/iptables_web/iptables.rb', line 59

# Renders the combined ruleset as a single newline-separated string.
#
# @param rules [Array<#to_s>, #to_s, nil] access rules handed to #combine
# @return [String] the lines produced by #combine joined with "\n"
def render(rules)
  rule_lines = combine(rules)
  rule_lines.join("\n")
end

#restore(access_rules) ⇒ Object



# File 'lib/iptables_web/iptables.rb', line 6

# Writes the combined ruleset to a temporary file and loads it with
# /sbin/iptables-restore.
#
# Nothing is executed when #combine yields no lines; a message is logged and
# nil is returned. Otherwise the value of #execute is returned. The temporary
# file is closed and unlinked in every case, including when #execute raises.
#
# NOTE(review): the result of #execute (from Mixin::Sudo, not shown here) is
# not inspected in this method, so whether a rejected ruleset surfaces as an
# error depends on that helper. Confirm before relying on it.
#
# @param access_rules [Array<#to_s>, #to_s, nil] rules handed to #combine
# @return [Object, nil] whatever #execute returns, or nil when skipped
def restore(access_rules)
  rule_lines = combine(access_rules)
  if rule_lines.empty?
    logged_say('Skip restore because no rules found')
    return
  end

  temp_file = Tempfile.new('rules')
  logged_say("Save rules to file #{temp_file.path}")
  temp_file.write(rule_lines.join("\n"))
  # rewind seeks to the start, which pushes the buffered write out to disk
  # before the external command reads the file by path.
  temp_file.rewind
  # The path is interpolated into a command string; it comes from Tempfile,
  # not from the rules themselves.
  execute("/sbin/iptables-restore -c #{temp_file.path}")
ensure
  # temp_file is still nil when the method returned before creating it.
  unless temp_file.nil?
    temp_file.close
    temp_file.unlink
  end
end

#save ⇒ Object



# File 'lib/iptables_web/iptables.rb', line 25

# Runs iptables-save and returns its output split into lines.
#
# NOTE(review): the command is given by bare name here, while #restore calls
# /sbin/iptables-restore by absolute path. Which binary runs therefore
# depends on the PATH that #execute (Mixin::Sudo, not shown) uses. Confirm
# that this is intended for a command run with elevated privileges.
#
# @return [Array<String>] one element per line of the dump
def save
  dump = execute('iptables-save')
  dump.split("\n")
end

#static_rules ⇒ Object



# File 'lib/iptables_web/iptables.rb', line 29

# Returns the static rules exposed by the IptablesWeb module.
#
# The object is passed through as-is; #combine reads it with a 'filter' key
# and iterates the remaining table => rules pairs.
#
# @return [Object] whatever IptablesWeb.static_rules returns
def static_rules
  provider = IptablesWeb
  provider.static_rules
end