awful 0.0.145 → 0.0.146
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/waf +10 -0
- data/lib/awful/version.rb +1 -1
- data/lib/awful/waf.rb +40 -0
- data/lib/awful/waf_acl.rb +32 -0
- data/lib/awful/waf_ipset.rb +62 -0
- data/lib/awful/waf_rule.rb +31 -0
- metadata +8 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 67e76830d6ca11e1b34442199e55587c816dfe61
|
|
4
|
+
data.tar.gz: f75d5135c848e592dffa10100307a93ab8134165
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 48860bfd4fdda8282da19281ed40215b7e253067c32149b973545c2cc9948e71aabe553e6b9da3d546eaf65b43b7194170ca5e7641e4ac752541a405414f9b33
|
|
7
|
+
data.tar.gz: eedaaa3d216ca79f26e3f763a00511e4141dd9bf1862d82812ca12963a157d34000b9851a54e74cb5f68117c9e00c4bcc48e3a262f7205131f7eeb99d602307d
|
data/bin/waf
ADDED
data/lib/awful/version.rb
CHANGED
data/lib/awful/waf.rb
ADDED
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module WAF
|
|
3
|
+
|
|
4
|
+
class Base < Cli
|
|
5
|
+
no_commands do
|
|
6
|
+
def waf
|
|
7
|
+
@_waf ||= Aws::WAF::Client.new
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
## boilerplate for handling paging in all list_ methods
|
|
11
|
+
def list_thing(thing)
|
|
12
|
+
next_marker = nil
|
|
13
|
+
things = []
|
|
14
|
+
loop do
|
|
15
|
+
response = waf.send("list_#{thing}", next_marker: next_marker, limit: 10)
|
|
16
|
+
things += response.send(thing)
|
|
17
|
+
next_marker = response.next_marker
|
|
18
|
+
break unless next_marker
|
|
19
|
+
end
|
|
20
|
+
things
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def change_token
|
|
24
|
+
waf.get_change_token.change_token
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
desc 'change [ID]', 'get or view change token'
|
|
29
|
+
def change(token = nil)
|
|
30
|
+
if token
|
|
31
|
+
waf.get_change_token_status(change_token: token).change_token_status.output(&method(:puts))
|
|
32
|
+
else
|
|
33
|
+
waf.get_change_token.change_token.output(&method(:puts))
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
end
|
|
40
|
+
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module Short
|
|
3
|
+
def waf_acl(*args)
|
|
4
|
+
Awful::WAF::Acl.new.invoke(*args)
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module WAF
|
|
9
|
+
class Acl < Base
|
|
10
|
+
|
|
11
|
+
desc 'ls', 'list web_acls'
|
|
12
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
13
|
+
method_option :limit, type: :numeric, default: 50, desc: 'limit of acls to request'
|
|
14
|
+
def ls
|
|
15
|
+
list_thing(:web_acls).output do |list|
|
|
16
|
+
if options[:long]
|
|
17
|
+
print_table list.map { |a| [a.name, a.web_acl_id] }
|
|
18
|
+
else
|
|
19
|
+
puts list.map(&:name)
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
class Base < Cli
|
|
27
|
+
desc 'acl', 'acl subcommands'
|
|
28
|
+
subcommand 'acl', Acl
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module Short
|
|
3
|
+
def waf_ipset(*args)
|
|
4
|
+
Awful::WAF::Ipset.new.invoke(*args)
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module WAF
|
|
9
|
+
class Ipset < Base
|
|
10
|
+
|
|
11
|
+
desc 'ls', 'list ipsets'
|
|
12
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
13
|
+
def ls
|
|
14
|
+
list_thing(:ip_sets).output do |ipsets|
|
|
15
|
+
if options[:long]
|
|
16
|
+
print_table ipsets.map { |i| [i.name, i.ip_set_id] }
|
|
17
|
+
else
|
|
18
|
+
puts ipsets.map(&:name)
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
desc 'get ID', 'get ipset'
|
|
24
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
25
|
+
def get(id)
|
|
26
|
+
waf.get_ip_set(ip_set_id: id).ip_set.ip_set_descriptors.output do |ipsets|
|
|
27
|
+
if options[:long]
|
|
28
|
+
print_table ipsets.map { |i| [i.value, i.type] }
|
|
29
|
+
else
|
|
30
|
+
puts ipsets.map(&:value)
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
desc 'update ID', 'update ipset with ips'
|
|
36
|
+
method_option :type, type: :string, default: 'ipv4', desc: 'type of address, IPV4 or IPV6'
|
|
37
|
+
method_option :delete, type: :boolean, default: false, desc: 'delete IPs'
|
|
38
|
+
def update(id, *values)
|
|
39
|
+
waf.update_ip_set(
|
|
40
|
+
ip_set_id: id,
|
|
41
|
+
change_token: change_token,
|
|
42
|
+
updates: values.map do |value|
|
|
43
|
+
{
|
|
44
|
+
action: options[:delete] ? 'DELETE' : 'INSERT',
|
|
45
|
+
ip_set_descriptor: {
|
|
46
|
+
type: options[:type].upcase,
|
|
47
|
+
value: value
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
end
|
|
51
|
+
)
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
class Base < Cli
|
|
57
|
+
desc 'ipset', 'ipset subcommands'
|
|
58
|
+
subcommand 'ipset', Ipset
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
end
|
|
62
|
+
end
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
module Awful
|
|
2
|
+
module Short
|
|
3
|
+
def waf_rule(*args)
|
|
4
|
+
Awful::WAF::Rule.new.invoke(*args)
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module WAF
|
|
9
|
+
class Rule < Base
|
|
10
|
+
|
|
11
|
+
desc 'ls', 'list rules'
|
|
12
|
+
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
13
|
+
def ls
|
|
14
|
+
list_thing(:rules).output do |rules|
|
|
15
|
+
if options[:long]
|
|
16
|
+
print_table rules.map { |r| [r.name, r.rule_id] }
|
|
17
|
+
else
|
|
18
|
+
puts rules.map(&:name)
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
class Base < Cli
|
|
26
|
+
desc 'rule', 'rule subcommands'
|
|
27
|
+
subcommand 'rule', Rule
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
end
|
|
31
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: awful
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.146
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ric Lister
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-10-
|
|
11
|
+
date: 2016-10-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -115,6 +115,7 @@ executables:
|
|
|
115
115
|
- subnet
|
|
116
116
|
- ta
|
|
117
117
|
- vpc
|
|
118
|
+
- waf
|
|
118
119
|
extensions: []
|
|
119
120
|
extra_rdoc_files: []
|
|
120
121
|
files:
|
|
@@ -155,6 +156,7 @@ files:
|
|
|
155
156
|
- bin/subnet
|
|
156
157
|
- bin/ta
|
|
157
158
|
- bin/vpc
|
|
159
|
+
- bin/waf
|
|
158
160
|
- lib/awful.rb
|
|
159
161
|
- lib/awful/alb.rb
|
|
160
162
|
- lib/awful/ami.rb
|
|
@@ -195,6 +197,10 @@ files:
|
|
|
195
197
|
- lib/awful/trusted_advisor.rb
|
|
196
198
|
- lib/awful/version.rb
|
|
197
199
|
- lib/awful/vpc.rb
|
|
200
|
+
- lib/awful/waf.rb
|
|
201
|
+
- lib/awful/waf_acl.rb
|
|
202
|
+
- lib/awful/waf_ipset.rb
|
|
203
|
+
- lib/awful/waf_rule.rb
|
|
198
204
|
homepage: ''
|
|
199
205
|
licenses:
|
|
200
206
|
- MIT
|