catflap 0.0.2.pre → 0.0.2

data/bin/catflap

@@ -53,16 +53,28 @@ optparse = OptionParser.new do |opts|
   end
 end.parse! ARGV
 
-cf = Catflap.new options['config_file']
+begin
+  cf = Catflap.new options['config_file']
+rescue Psych::SyntaxError
+  puts "There is a YAML syntax error in your catflap configuration file.\n"
+  exit 1
+rescue NoMethodError
+  puts "Cannot read the configuration file (#{options['config_file']}) or default file location: /usr/local/etc/catflap.yaml\n"
+  exit 1
+end
 unless options['start_server']
-  cf.purge_rules! if options['purge']
-  cf.install_rules! if options['install']
-  cf.uninstall_rules! if options['uninstall']
-  cf.add_address! options['add'] if options['add']
-  cf.delete_address! options['del'] if options['del']
-  cf.add_addresses_from_file! options['filepath'] if options['filepath']
-  cf.check_address options['check'] if options['check']
-  cf.list_rules if options['list']
+  begin
+    cf.purge_rules! if options['purge']
+    cf.install_rules! if options['install']
+    cf.uninstall_rules! if options['uninstall']
+    cf.add_address! options['add'] if options['add']
+    cf.delete_address! options['del'] if options['del']
+    cf.add_addresses_from_file! options['filepath'] if options['filepath']
+    cf.check_address options['check'] if options['check']
+    cf.list_rules if options['list']
+  rescue ArgumentError
+    puts "Invalid Argument: make sure IP address or range is correct (i.e. CIDR format)\n"
+  end
 else
   require 'catflap-http'
   CatflapWebserver::start_server cf

data/lib/catflap.rb

@@ -1,10 +1,12 @@
 require 'yaml'
+require 'ipaddr'
 
 class Catflap
 
   attr_accessor :config, :chain, :port, :dports, :print, :noop, :log_rejected
 
   def initialize config_file
+    config_file = config_file || '/usr/local/etc/catflap.yaml'
     @config = {}
     @config = YAML.load_file config_file if File.readable? config_file
     @port = @config['server']['port'] || 4777
@@ -43,15 +45,18 @@ class Catflap
   end
 
   def check_address ip
+    check_user_input ip
     return system "iptables -C #{@chain} -s #{ip} -p tcp -m multiport --dports #{@dports} -j ACCEPT\n"
   end
 
   def add_address! ip
+    check_user_input ip
     output = "iptables -I #{@chain} 1 -s #{ip} -p tcp -m multiport --dports #{@dports} -j ACCEPT\n"
     execute! output
   end
 
   def delete_address! ip
+    check_user_input ip
     output = "iptables -D #{@chain} -s #{ip} -p tcp -m multiport --dports #{@dports} -j ACCEPT\n"
     execute! output
   end 
@@ -60,6 +65,7 @@ class Catflap
     if File.readable? filepath
       output = ""
       File.open(filepath, "r").each_line do |ip|
+        check_user_input ip
         output << "iptables -I #{@chain} 1 -s #{ip.chomp} -p tcp -m multiport --dports #{@dports} -j ACCEPT\n"
       end
       execute! output
@@ -74,4 +80,8 @@ class Catflap
     system output unless @noop
   end 
 
+  def check_user_input suspect
+    return IPAddr.new(suspect)
+  end
+
 end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: catflap
 version: !ruby/object:Gem::Version
-  version: 0.0.2.pre
-  prerelease: 6
+  version: 0.0.2
+  prerelease: 
 platform: ruby
 authors:
 - Nyk Cowham
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-01 00:00:00.000000000 Z
+date: 2013-12-08 00:00:00.000000000 Z
 dependencies: []
 description: A simple solution to provide on-demand service access (e.g. port 80 on
   webserver), where a more robust and secure VPN solution is not available.
@@ -38,9 +38,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
-  - - ! '>'
+  - - ! '>='
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements:
 - NetFilters (iptables) installed and working.
 rubyforge_project: