awful 0.0.145 → 0.0.146
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/waf +10 -0
- data/lib/awful/version.rb +1 -1
- data/lib/awful/waf.rb +40 -0
- data/lib/awful/waf_acl.rb +32 -0
- data/lib/awful/waf_ipset.rb +62 -0
- data/lib/awful/waf_rule.rb +31 -0
- metadata +8 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 67e76830d6ca11e1b34442199e55587c816dfe61
|
|
4
|
+
data.tar.gz: f75d5135c848e592dffa10100307a93ab8134165
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 48860bfd4fdda8282da19281ed40215b7e253067c32149b973545c2cc9948e71aabe553e6b9da3d546eaf65b43b7194170ca5e7641e4ac752541a405414f9b33
|
|
7
|
+
data.tar.gz: eedaaa3d216ca79f26e3f763a00511e4141dd9bf1862d82812ca12963a157d34000b9851a54e74cb5f68117c9e00c4bcc48e3a262f7205131f7eeb99d602307d
|
data/bin/waf
ADDED
data/lib/awful/version.rb
CHANGED
data/lib/awful/waf.rb
ADDED
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module WAF
|
|
3
|
+
|
|
4
|
+
class Base < Cli
|
|
5
|
+
no_commands do
|
|
6
|
+
def waf
|
|
7
|
+
@_waf ||= Aws::WAF::Client.new
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
## boilerplate for handling paging in all list_ methods
|
|
11
|
+
def list_thing(thing)
|
|
12
|
+
next_marker = nil
|
|
13
|
+
things = []
|
|
14
|
+
loop do
|
|
15
|
+
response = waf.send("list_#{thing}", next_marker: next_marker, limit: 10)
|
|
16
|
+
things += response.send(thing)
|
|
17
|
+
next_marker = response.next_marker
|
|
18
|
+
break unless next_marker
|
|
19
|
+
end
|
|
20
|
+
things
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def change_token
|
|
24
|
+
waf.get_change_token.change_token
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
desc 'change [ID]', 'get or view change token'
|
|
29
|
+
def change(token = nil)
|
|
30
|
+
if token
|
|
31
|
+
waf.get_change_token_status(change_token: token).change_token_status.output(&method(:puts))
|
|
32
|
+
else
|
|
33
|
+
waf.get_change_token.change_token.output(&method(:puts))
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
end
|
|
40
|
+
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module Short
|
|
3
|
+
def waf_acl(*args)
|
|
4
|
+
Awful::WAF::Acl.new.invoke(*args)
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module WAF
|
|
9
|
+
class Acl < Base
|
|
10
|
+
|
|
11
|
+
desc 'ls', 'list web_acls'
|
|
12
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
13
|
+
method_option :limit, type: :numeric, default: 50, desc: 'limit of acls to request'
|
|
14
|
+
def ls
|
|
15
|
+
list_thing(:web_acls).output do |list|
|
|
16
|
+
if options[:long]
|
|
17
|
+
print_table list.map { |a| [a.name, a.web_acl_id] }
|
|
18
|
+
else
|
|
19
|
+
puts list.map(&:name)
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
class Base < Cli
|
|
27
|
+
desc 'acl', 'acl subcommands'
|
|
28
|
+
subcommand 'acl', Acl
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module Short
|
|
3
|
+
def waf_ipset(*args)
|
|
4
|
+
Awful::WAF::Ipset.new.invoke(*args)
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module WAF
|
|
9
|
+
class Ipset < Base
|
|
10
|
+
|
|
11
|
+
desc 'ls', 'list ipsets'
|
|
12
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
13
|
+
def ls
|
|
14
|
+
list_thing(:ip_sets).output do |ipsets|
|
|
15
|
+
if options[:long]
|
|
16
|
+
print_table ipsets.map { |i| [i.name, i.ip_set_id] }
|
|
17
|
+
else
|
|
18
|
+
puts ipsets.map(&:name)
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
desc 'get ID', 'get ipset'
|
|
24
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
25
|
+
def get(id)
|
|
26
|
+
waf.get_ip_set(ip_set_id: id).ip_set.ip_set_descriptors.output do |ipsets|
|
|
27
|
+
if options[:long]
|
|
28
|
+
print_table ipsets.map { |i| [i.value, i.type] }
|
|
29
|
+
else
|
|
30
|
+
puts ipsets.map(&:value)
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
desc 'update ID', 'update ipset with ips'
|
|
36
|
+
method_option :type, type: :string, default: 'ipv4', desc: 'type of address, IPV4 or IPV6'
|
|
37
|
+
method_option :delete, type: :boolean, default: false, desc: 'delete IPs'
|
|
38
|
+
def update(id, *values)
|
|
39
|
+
waf.update_ip_set(
|
|
40
|
+
ip_set_id: id,
|
|
41
|
+
change_token: change_token,
|
|
42
|
+
updates: values.map do |value|
|
|
43
|
+
{
|
|
44
|
+
action: options[:delete] ? 'DELETE' : 'INSERT',
|
|
45
|
+
ip_set_descriptor: {
|
|
46
|
+
type: options[:type].upcase,
|
|
47
|
+
value: value
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
end
|
|
51
|
+
)
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
class Base < Cli
|
|
57
|
+
desc 'ipset', 'ipset subcommands'
|
|
58
|
+
subcommand 'ipset', Ipset
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
end
|
|
62
|
+
end
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module Short
|
|
3
|
+
def waf_rule(*args)
|
|
4
|
+
Awful::WAF::Rule.new.invoke(*args)
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module WAF
|
|
9
|
+
class Rule < Base
|
|
10
|
+
|
|
11
|
+
desc 'ls', 'list rules'
|
|
12
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
13
|
+
def ls
|
|
14
|
+
list_thing(:rules).output do |rules|
|
|
15
|
+
if options[:long]
|
|
16
|
+
print_table rules.map { |r| [r.name, r.rule_id] }
|
|
17
|
+
else
|
|
18
|
+
puts rules.map(&:name)
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
class Base < Cli
|
|
26
|
+
desc 'rule', 'rule subcommands'
|
|
27
|
+
subcommand 'rule', Rule
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
end
|
|
31
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: awful
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.146
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ric Lister
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-10-
|
|
11
|
+
date: 2016-10-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -115,6 +115,7 @@ executables:
|
|
|
115
115
|
- subnet
|
|
116
116
|
- ta
|
|
117
117
|
- vpc
|
|
118
|
+
- waf
|
|
118
119
|
extensions: []
|
|
119
120
|
extra_rdoc_files: []
|
|
120
121
|
files:
|
|
@@ -155,6 +156,7 @@ files:
|
|
|
155
156
|
- bin/subnet
|
|
156
157
|
- bin/ta
|
|
157
158
|
- bin/vpc
|
|
159
|
+
- bin/waf
|
|
158
160
|
- lib/awful.rb
|
|
159
161
|
- lib/awful/alb.rb
|
|
160
162
|
- lib/awful/ami.rb
|
|
@@ -195,6 +197,10 @@ files:
|
|
|
195
197
|
- lib/awful/trusted_advisor.rb
|
|
196
198
|
- lib/awful/version.rb
|
|
197
199
|
- lib/awful/vpc.rb
|
|
200
|
+
- lib/awful/waf.rb
|
|
201
|
+
- lib/awful/waf_acl.rb
|
|
202
|
+
- lib/awful/waf_ipset.rb
|
|
203
|
+
- lib/awful/waf_rule.rb
|
|
198
204
|
homepage: ''
|
|
199
205
|
licenses:
|
|
200
206
|
- MIT
|