Class: Yast::SuSEFirewalldServicesClass

Inherits:
SuSEFirewallServicesClass show all
Includes:
Logger
Defined in:
library/network/src/lib/network/susefirewalldservices.rb

Constant Summary collapse

SERVICES_DIRECTORIES =
["/etc/firewalld/services", "/usr/lib/firewalld/services"].freeze
IGNORED_SERVICES =
["..", "."].freeze

Constants inherited from SuSEFirewallServicesClass

Yast::SuSEFirewallServicesClass::DEFAULT_SERVICE, Yast::SuSEFirewallServicesClass::DEFINED_BY_PKG_PREFIX

Instance Method Summary collapse

Methods inherited from SuSEFirewallServicesClass

#GetDescription, #GetFilenameFromServiceDefinedByPackage, #GetListOfServicesAddedByPackage, #GetMetadataAgent, #GetModified, #GetNeededIPProtocols, #GetNeededPortsAndProtocols, #GetNeededRPCPorts, #GetNeededTCPPorts, #GetNeededUDPPorts, #GetSupportedServices, #IsKnownService, #ResetModified, #ServiceDefinedByPackage, #all_services

Constructor Details

#initializeSuSEFirewalldServicesClass

Returns a new instance of SuSEFirewalldServicesClass



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 44

def initialize
  textdomain "base"

  @services = nil

  @known_services_features = {
    "TCP"     => "tcp_ports",
    "UDP"     => "udp_ports",
    "IP"      => "ip_protocols",
    "MODULES" => "modules"
  }

  @known_metadata = { "Name" => "name", "Description" => "description" }

  # firewall needs restarting. Always false for firewalld
  @sfws_modified = false
end

Instance Method Details

#ReadServicesDefinedByRPMPackagesBoolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

Contrary to SF2 we do not read the full service details here

Note:

since that would mean to issue 5-6 API calls for every service

Note:

file which will take a lot of time for no particular reason.

Note:

We will read the full service information if needed in the

Note:

service_details method.

Reads services that can be used in FirewallD

Returns:

  • (Boolean)

    if successful



70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 70

def ReadServicesDefinedByRPMPackages
  log.info "Reading FirewallD services from #{SERVICES_DIRECTORIES.join(" and ")}"

  @services ||= {}

  return true unless SuSEFirewall.SuSEFirewallIsInstalled()

  SuSEFirewall.api.services.each do |service_name|
    # Init everything
    @services[service_name] = {}
    @known_services_features.merge(@known_metadata).each_value do |param|
      # Set a good name for our service until we read its information
      @services[service_name][param] = case param
      when "description"
        # We intentionally don't call the API here. We will use it as a
        # flag to populate the full service details later on.
        default_service_description(service_name)
      when "name"
        # We have to call the API here because there are callers which
        # expect to at least provide a sensible service name without
        # worrying for the full service details. This is going to be
        # expensive though since the cost of calling --get-short grows
        # linearly with the number of available services :-(
        SuSEFirewall.api.service_short(service_name)
      else
        []
      end
    end
  end
end

#service_details(service_name, silent = false) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

Since we do not do full service population in ReadServicesDefinedByRPMPackages

Note:

we have to do it here but only if the service hasn't been populated

Note:

before. The way we determine if the service has been populated or not

Note:

is to look at the “description” key.

Returns service definition. See @services for the format. If `silent` is not defined or set to `true`, function throws an exception SuSEFirewalServiceNotFound if service is not found on disk.

Parameters:

  • service_name (String)

    name that may include the “service:” prefix

  • silent (String) (defaults to: false)

    whether to silently return nil when service is not found



115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 115

def service_details(service_name, silent = false)
  service = all_services[service_name]
  # Drop service: if needed
  service_name = service_name.partition(":")[2] if service_name.include?("service:")
  # If service description is the default one then we know that we haven't read the service
  # information just yet. Lets do it now
  populate_service(service_name) if all_services.fetch(service_name, {})["description"] ==
      default_service_description(service_name)
  if service.nil? && !silent
    log.error "Uknown service '#{service_name}'"
    log.info "Known services: #{all_services.keys}"

    raise(
      SuSEFirewalServiceNotFound,
      _("Service with name '%{service_name}' does not exist") % { service_name: service_name }
    )
  end

  service
end

#SetModifiedObject

Sets that configuration was modified



137
138
139
140
141
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 137

def SetModified
  @sfws_modified = true

  nil
end