Module: Y2Firewall::Firewalld::Api::Zones

Included in:
Y2Firewall::Firewalld::Api
Defined in:
library/network/src/lib/y2firewall/firewalld/api/zones.rb

Overview

This module contains specific API methods for handling zones configuration.

Instance Method Summary collapse

Instance Method Details

#add_interface(zone, interface, permanent: permanent?) ) ⇒ Boolean

Returns True if interface was added to zone.

Parameters:

  • zone (String)

    The firewall zone

  • interface (String)

    The network interface

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if interface was added to zone



130
131
132
133
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 130

def add_interface(zone, interface, permanent: permanent?)
  modify_command("--zone=#{zone}", "--add-interface=#{interface}",
    permanent: permanent)
end

#add_masquerade(zone, permanent: permanent?) ) ⇒ Boolean

Returns True if masquerade was enabled in zone.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if masquerade was enabled in zone



242
243
244
245
246
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 242

def add_masquerade(zone, permanent: permanent?)
  return true if masquerade_enabled?(zone, permanent: permanent)

  modify_command("--zone=#{zone}", "--add-masquerade", permanent: permanent)
end

#add_port(zone, port, permanent: permanent?) ) ⇒ Boolean

Returns True if port was added to zone.

Parameters:

  • zone (String)

    The firewall zone

  • port (String)

    The firewall port

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if port was added to zone



189
190
191
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 189

def add_port(zone, port, permanent: permanent?)
  modify_command("--zone=#{zone}", "--add-port=#{port}", permanent: permanent)
end

#add_protocol(zone, protocol, permanent: permanent?) ) ⇒ Boolean

Returns True if protocol was added to zone.

Parameters:

  • zone (String)

    The firewall zone

  • protocol (String)

    The firewall protocol

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if protocol was added to zone



198
199
200
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 198

def add_protocol(zone, protocol, permanent: permanent?)
  modify_command("--zone=#{zone}", "--add-protocol=#{protocol}", permanent: permanent)
end

#add_service(zone, service, permanent: permanent?) ) ⇒ Boolean

Returns True if service was added to zone.

Parameters:

  • zone (String)

    The firewall zone

  • service (String)

    The firewall service

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if service was added to zone



180
181
182
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 180

def add_service(zone, service, permanent: permanent?)
  modify_command("--zone=#{zone}", "--add-service=#{service}", permanent: permanent)
end

#change_interface(zone, interface, permanent: permanent?) ) ⇒ Boolean

Returns True if interface was changed.

Parameters:

  • zone (String)

    The firewall zone

  • interface (String)

    The network interface

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if interface was changed



149
150
151
152
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 149

def change_interface(zone, interface, permanent: permanent?)
  modify_command("--zone=#{zone}", "--change-interface=#{interface}",
    permanent: permanent)
end

#create_zone(zone) ⇒ Object

Create the given zone in firewalld. New zones must be created permanently

Parameters:

  • zone (String)

    The firewall zone name



39
40
41
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 39

def create_zone(zone)
  modify_command("--new-zone=#{zone}", permanent: !offline?)
end

#delete_zone(zone) ⇒ Object

Delete the given zone from firewalld. Deleted zones must be deleted permanently

Parameters:

  • zone (String)

    The firewall zone name to be deleted



47
48
49
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 47

def delete_zone(zone)
  modify_command("--delete-zone=#{zone}", permanent: !offline?)
end

#description(zone) ⇒ Object

Long description of the zone

Parameters:

  • zone (String)

    The firewall zone



289
290
291
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 289

def description(zone)
  string_command("--zone=#{zone}", "--get-description", permanent: !offline?)
end

#interface_enabled?(zone, interface, permanent: permanent?) ) ⇒ Boolean

Returns True if interface is assigned to zone.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

  • interface (String)

    The network interface

Returns:

  • (Boolean)

    True if interface is assigned to zone



121
122
123
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 121

def interface_enabled?(zone, interface, permanent: permanent?)
  query_command("--zone=#{zone}", "--query-interface=#{interface}", permanent: permanent)
end

#interface_zone(interface, permanent: permanent?) ) ⇒ String?

Return the name of the zone the interface belongs to or nil.

Parameters:

  • interface (String)

    interface name

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (String, nil)

    the interface zone or nil



112
113
114
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 112

def interface_zone(interface, permanent: permanent?)
  string_command("--get-zone-of-interface=#{interface}", permanent: permanent)
end

#list_all(zone, permanent: permanent?, , verbose: false) ⇒ Array<String>

Returns list of all information for given zone.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?, )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Array<String>)

    list of all information for given zone



87
88
89
90
91
92
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 87

def list_all(zone, permanent: permanent?, verbose: false)
  args = ["--zone=#{zone}", "--list-all"]
  args << "--verbose" if verbose

  string_command(*args, permanent: permanent).split
end

#list_all_zones(permanent: permanent?, , verbose: false) ⇒ Array<String>

Returns list of all information for all firewall zones.

Parameters:

  • permanent (Boolean) (defaults to: permanent?, )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Array<String>)

    list of all information for all firewall zones



97
98
99
100
101
102
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 97

def list_all_zones(permanent: permanent?, verbose: false)
  args = ["--list-all-zones"]
  args << "--verbose" if verbose

  string_command(*args, permanent: permanent).split("\n")
end

#list_interfaces(zone, permanent: permanent?) ) ⇒ Array<String>

Returns list of zone's interfaces.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Array<String>)

    list of zone's interfaces



55
56
57
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 55

def list_interfaces(zone, permanent: permanent?)
  string_command("--zone=#{zone}", "--list-interfaces", permanent: permanent).split
end

#list_ports(zone, permanent: permanent?) ) ⇒ Array<String>

Returns list of zone's ports.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Array<String>)

    list of zone's ports



71
72
73
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 71

def list_ports(zone, permanent: permanent?)
  string_command("--zone=#{zone}", "--list-ports", permanent: permanent).split
end

#list_protocols(zone, permanent: permanent?) ) ⇒ Array<String>

Returns list of zone's protocols.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Array<String>)

    list of zone's protocols



79
80
81
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 79

def list_protocols(zone, permanent: permanent?)
  string_command("--zone=#{zone}", "--list-protocols", permanent: permanent).split
end

#list_services(zone, permanent: permanent?) ) ⇒ Arrray<String>

Returns list of zone's services.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Arrray<String>)

    list of zone's services



63
64
65
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 63

def list_services(zone, permanent: permanent?)
  string_command("--zone=#{zone}", "--list-services", permanent: permanent).split
end

#masquerade_enabled?(zone, permanent: permanent?) ) ⇒ Boolean

Returns True if masquerade is enabled in zone.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it reads the permanent configuration

Returns:

  • (Boolean)

    True if masquerade is enabled in zone



234
235
236
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 234

def masquerade_enabled?(zone, permanent: permanent?)
  query_command("--zone=#{zone}", "--query-masquerade", permanent: permanent)
end

#modify_description(zone, long_description) ⇒ Boolean

Modify the long description of the zone

Parameters:

  • zone (String)

    The firewall zone

  • long_description (String)

    the new zone description

Returns:

  • (Boolean)

    true if the long description was modified



298
299
300
301
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 298

def modify_description(zone, long_description)
  modify_command("--zone=#{zone}", "--set-description=#{long_description}",
    permanent: !offline?)
end

#modify_masquerade(zone, enabled) ⇒ Boolean

Enable or disable masquerade in the zone

Parameters:

  • zone (String)

    The firewall zone

  • enabled (Boolean)

    whether masquerade should be enabled or not

Returns:

  • (Boolean)

    whether masquerade was modified or not



263
264
265
266
267
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 263

def modify_masquerade(zone, enabled)
  method = enabled ? "add_masquerade" : "remove_masquerade"

  public_send(method, zone, permanent: !offline?)
end

#modify_short(zone, short_description) ⇒ Boolean

Modify the full name or short description of the zone

Parameters:

  • zone (String)

    The firewall zone

  • short_description (String)

    the new zone name or description

Returns:

  • (Boolean)

    true if the short description was modified



281
282
283
284
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 281

def modify_short(zone, short_description)
  modify_command("--zone=#{zone}", "--set-short=#{short_description}",
    permanent: !offline?)
end

#modify_target(zone, target) ⇒ Boolean

Modify the current target of the zone

Parameters:

  • zone (String)

    The firewall zone

  • target (String)

    the new target

Returns:

  • (Boolean)

    true if the zone target was modified



315
316
317
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 315

def modify_target(zone, target)
  modify_command("--zone=#{zone}", "--set-target=#{target}", permanent: !offline?)
end

#port_enabled?(zone, port, permanent: permanent?) ) ⇒ Boolean

Returns True if port is enabled in zone.

Parameters:

  • zone (String)

    The firewall zone

  • port (String)

    The firewall port

Returns:

  • (Boolean)

    True if port is enabled in zone



164
165
166
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 164

def port_enabled?(zone, port, permanent: permanent?)
  query_command("--zone=#{zone}", "--query-port=#{port}", permanent: permanent)
end

#protocol_enabled?(zone, protocol, permanent: permanent?) ) ⇒ Boolean

Returns True if protocol is enabled in zone.

Parameters:

  • zone (String)

    The firewall zone

  • protocol (String)

    The zone protocol

Returns:

  • (Boolean)

    True if protocol is enabled in zone



171
172
173
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 171

def protocol_enabled?(zone, protocol, permanent: permanent?)
  query_command("--zone=#{zone}", "--query-protocol=#{protocol}", permanent: permanent)
end

#remove_interface(zone, interface, permanent: permanent?) ) ⇒ Boolean

Returns True if the interface was removed from the zone.

Parameters:

  • zone (String)

    The firewall zone

  • interface (String)

    The network interface

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if the interface was removed from the zone



140
141
142
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 140

def remove_interface(zone, interface, permanent: permanent?)
  modify_command("--zone=#{zone}", "--remove-interface=#{interface}", permanent: permanent)
end

#remove_masquerade(zone, permanent: permanent?) ) ⇒ Boolean

Returns True if masquerade was removed in zone.

Parameters:

  • zone (String)

    The firewall zone

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if masquerade was removed in zone



252
253
254
255
256
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 252

def remove_masquerade(zone, permanent: permanent?)
  return true unless masquerade_enabled?(zone, permanent: permanent)

  modify_command("--zone=#{zone}", "--remove-masquerade", permanent: permanent)
end

#remove_port(zone, port, permanent: permanent?) ) ⇒ Boolean

Returns True if port was removed from zone.

Parameters:

  • zone (String)

    The firewall zone

  • port (String)

    The firewall port

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if port was removed from zone



217
218
219
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 217

def remove_port(zone, port, permanent: permanent?)
  modify_command("--zone=#{zone}", "--remove-port=#{port}", permanent: permanent)
end

#remove_protocol(zone, protocol, permanent: permanent?) ) ⇒ Boolean

Returns True if protocol was removed from zone.

Parameters:

  • zone (String)

    The firewall zone

  • protocol (String)

    The firewall protocol

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if protocol was removed from zone



226
227
228
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 226

def remove_protocol(zone, protocol, permanent: permanent?)
  modify_command("--zone=#{zone}", "--remove-protocol=#{protocol}", permanent: permanent)
end

#remove_service(zone, service, permanent: permanent?) ) ⇒ Boolean

Returns True if service was removed from zone.

Parameters:

  • zone (String)

    The firewall zone

  • service (String)

    The firewall service

  • permanent (Boolean) (defaults to: permanent?) )

    if true and firewalld is running it modifies the permanent configuration

Returns:

  • (Boolean)

    True if service was removed from zone



207
208
209
210
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 207

def remove_service(zone, service, permanent: permanent?)
  remove_arg = offline? ? "--remove-service-from-zone" : "--remove-service"
  modify_command("--zone=#{zone}", "#{remove_arg}=#{service}", permanent: permanent)
end

#service_enabled?(zone, service, permanent: permanent?) ) ⇒ Boolean

Returns True if service is enabled in zone.

Parameters:

  • zone (String)

    The firewall zone

  • service (String)

    The firewall service

Returns:

  • (Boolean)

    True if service is enabled in zone



157
158
159
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 157

def service_enabled?(zone, service, permanent: permanent?)
  query_command("--zone=#{zone}", "--query-service=#{service}", permanent: permanent)
end

#short(zone) ⇒ Object

Full name or short description of the zone

Parameters:

  • zone (String)

    The firewall zone



272
273
274
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 272

def short(zone)
  string_command("--zone=#{zone}", "--get-short", permanent: !offline?)
end

#target(zone) ⇒ Object

The target of the zone

Parameters:

  • zone (String)

    The firewall zone



306
307
308
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 306

def target(zone)
  string_command("--zone=#{zone}", "--get-target", permanent: !offline?)
end

#zonesArray<String>

Returns List of firewall zones.

Returns:

  • (Array<String>)

    List of firewall zones



31
32
33
# File 'library/network/src/lib/y2firewall/firewalld/api/zones.rb', line 31

def zones
  string_command("--get-zones").split
end