Class: Yast::FirewalldWrapperClass

Inherits:
Module
  • Object
show all
Includes:
Logger
Defined in:
library/network/src/modules/firewalld_wrapper.rb

Overview

This module add support for handling firewalld configuration and it is mainly a firewalld wrapper. It is inteded to be used mostly by YaST modules written in Perl like yast-dns-server.

Constant Summary

VALID_PROTOCOLS =
["udp", "tcp", "sctp", "dccp"].freeze

Instance Method Summary collapse

Constructor Details

#initializeFirewalldWrapperClass

Returns a new instance of FirewalldWrapperClass



37
38
39
40
# File 'library/network/src/modules/firewalld_wrapper.rb', line 37

def initialize
  Yast.import "PortAliases"
  Yast.import "PortRanges"
end

Instance Method Details

#add_port(port_or_range, protocol, interface) ⇒ Object

Add the port or range of ports with the given protocol to the zone the interface belongs to. The port can be either a number or known service name.

interface zone; the port can be either a number or a known service name

Examples:

FirewalldWrapper.add_port("80", "TCP", "eth0")
FirewalldWrapper.add_port("8080:8090", "TCP", "eth0")
FirewalldWrapper.add_port("nameserver", "UDP", "eth0")

Parameters:

  • port_or_range (String)

    port or range of ports to be added to the

  • protocol (String)

    port protocol

  • interface (String)

    interface name



70
71
72
73
74
75
76
77
78
# File 'library/network/src/modules/firewalld_wrapper.rb', line 70

def add_port(port_or_range, protocol, interface)
  return false unless valid_port?(port_or_range)
  return false unless supported_protocol?(protocol)

  zone = interface_zone(interface)
  return false unless zone
  port = "#{port_or_range.sub(":", "-")}/#{protocol.downcase}"
  zone.add_port(port)
end

#readObject

Convenience method for calling firewalld.read



43
44
45
# File 'library/network/src/modules/firewalld_wrapper.rb', line 43

def read
  firewalld.read
end

#remove_port(port_or_range, protocol, interface) ⇒ Object

Remove the port or range of ports with the given protocol to the zone the interface belongs to. The port can be either a number or known service name.

the interface zone; the port can be either a number or a known service name

Examples:

FirewalldWrapper.remove_port("80", "TCP", "eth0")
FirewalldWrapper.remove_port("8080:8090", "TCP", "eth0")
FirewalldWrapper.remove_port("nameserver", "UDP", "eth0")

Parameters:

  • port_or_range (String)

    port or range of ports to be removed from

  • protocol (String)

    port protocol

  • interface (String)

    interface name



94
95
96
97
98
99
100
101
102
# File 'library/network/src/modules/firewalld_wrapper.rb', line 94

def remove_port(port_or_range, protocol, interface)
  return false unless valid_port?(port_or_range)
  return false unless supported_protocol?(protocol)

  zone = interface_zone(interface)
  return false unless zone
  port = "#{port_or_range.sub(":", "-")}/#{protocol.downcase}"
  zone.remove_port(port)
end

#writeObject

Convenience method for calling firewalld.write



48
49
50
# File 'library/network/src/modules/firewalld_wrapper.rb', line 48

def write
  firewalld.write
end

#write_onlyObject

Convenience method for calling firewalld.write_only



53
54
55
# File 'library/network/src/modules/firewalld_wrapper.rb', line 53

def write_only
  firewalld.write_only
end