construqt 0.0.5 → 0.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2115258ebfdfcd8677388f8d16094791d24c8f73
-  data.tar.gz: 2a0e2a30f18d8c0cca7f8f15db806685e60e517b
+  metadata.gz: dfe8c9a2bd8be0212520042b682cecd13e29c344
+  data.tar.gz: 4a7f7d3e33653c244fa531330eeaae21a46cf238
 SHA512:
-  metadata.gz: cdc4dcecb64df68474a1a3475bb39202ba60e1cb02c3ac60607ce85afba3fd9b6d85a4b841ce8325d353a55f8ba592a90a14d150cbe62349c17bb0823cbf95a4
-  data.tar.gz: f0bb62e3236746fd6cccd2333ba213524c86d6fb8169c1371b83175d53704c1337e45f1611acc81cf54ff084e643aebc5fb7269b0460ee98358462f81ff96622
+  metadata.gz: 7714a4055290897c0db7983ee74289efa180d2ef6588fa8703dbd5404c698aef3c2d50309ccff96ecc3266c22c2da2a996872140c58a8b908f749fe1d8f60f41
+  data.tar.gz: cc0afd3f1d2d6ab770199da574d80abf9c45927a9cf790232782b4cba656b6dc4c44678a930353c56f9efb65ab44770b546bd8ec74baee2e0798fdc0c91c903f

data/lib/construqt/addresses.rb

@@ -18,6 +18,64 @@ module Construqt
       @network
     end
 
+
+    # hier frieht die hoelle zu!!!
+    class CqIpAddress
+      attr_reader :ipaddr, :container
+      def initialize(ipaddr, container)
+        @ipaddr = ipaddr
+        @container = container
+      end
+      def ipv4?
+        @ipaddr.ipv4?
+      end
+      def ipv6?
+        @ipaddr.ipv6?
+      end
+      def include?(a)
+        @ipaddr.include?(a)
+      end
+      def prefix
+        @ipaddr.prefix
+      end
+      def network
+        @ipaddr.network
+      end
+      def to_i
+        @ipaddr.to_i
+      end
+      def to_s
+        @ipaddr.to_s
+      end
+      def to_string
+        @ipaddr.to_string
+      end
+      def to_u32
+        @ipaddr.to_u32
+      end
+      def first
+        @ipaddr.first
+      end
+      def last
+        @ipaddr.last
+      end
+      def groups
+        @ipaddr.groups
+      end
+      def compressed
+        @ipaddr.compressed
+      end
+      def reverse
+        @ipaddr.reverse
+      end
+      def address
+        @ipaddr.address
+      end
+      def netmask
+        @ipaddr.netmask
+      end
+    end
+
     class Address
       attr_accessor :host
       attr_accessor :interface
@@ -39,7 +97,7 @@ module Construqt
         self.ips = []
         self.host = nil
         self.interface = nil
-        self.routes = []
+        @routes = []
         self.tags = []
         @loopback = @dhcpv4 = @dhcpv6 = false
         @name = nil
@@ -74,7 +132,7 @@ module Construqt
       end
 
       def tag(tag)
-        self.tags << tag
+        self.tags += tag.split("#")
         self
       end
 
@@ -101,7 +159,7 @@ module Construqt
       end
 
       def add_ip(ip, region = "")
-        throw "please give a ip #{ip}" unless ip
+        throw "please give a ip #{ip}" if ip.nil?
         if ip
           #puts ">>>>> #{ip} #{ip.class.name}"
           if DHCPV4 == ip
@@ -111,7 +169,8 @@ module Construqt
           elsif LOOOPBACK == ip
             @loopback = true
           else
-            (unused, ip) = self.merge_tag(ip) { |ip| IPAddress.parse(ip) }
+            throw "please give a ip #{ip} as string!" unless ip.kind_of?(String)
+            (unused, ip) = self.merge_tag(ip) { |ip| CqIpAddress.new(IPAddress.parse(ip), self) }
             self.ips << ip
           end
         end
@@ -119,13 +178,51 @@ module Construqt
         self
       end
 
+
+      def routes
+        @routes.map do |i|
+            if i.kind_of?(Route)
+              i
+            else
+              ret = []
+              [OpenStruct.new(:dsts => Construqt::Tags.ips_net(i.dst_tag, Construqt::Addresses::IPV6),
+                              :vias => Construqt::Tags.ips_hosts(i.via_tag, Construqt::Addresses::IPV6)),
+               OpenStruct.new(:dsts => Construqt::Tags.ips_net(i.dst_tag, Construqt::Addresses::IPV4),
+                              :vias => Construqt::Tags.ips_hosts(i.via_tag, Construqt::Addresses::IPV4))].each do |blocks|
+                 next unless blocks.vias
+                 next unless blocks.dsts
+                 next if blocks.dsts.empty?
+                 blocks.vias.each do |via|
+                   blocks.dsts.each do |dst|
+                     ret << build_route(dst.to_string, via.to_s, i.options)
+                   end
+                 end
+              end
+              ret
+            end
+        end.flatten
+      end
       #    @nameservers = []
       #    def add_nameserver(ip)
       #      @nameservers << IPAddress.parse(ip)
       #      self
       #    end
+      #
+      #
+      class TagRoute
+        attr_reader :dst_tag, :via_tag, :options
+        def initialize(dst_tag, via_tag, options)
+          @dst_tag = dst_tag
+          @via_tag = via_tag
+          @options = options
+        end
+      end
+
+      def add_route_from_tags(dst_tags, src_tags, options = {})
+        @routes << TagRoute.new(dst_tags, src_tags, options)
+        self
+      end
 
-      attr_accessor :routes
       def add_routes(addr_s, via, options = {})
         addrs = addr_s.kind_of?(Array) ? addr_s : [addr_s]
         addrs.each do |addr|
@@ -141,9 +238,20 @@ module Construqt
         self
       end
 
-      def add_route(dst, via, option = {})
+      class Route
+        attr_reader :dst, :via, :type, :metric, :routing_table
+        def initialize(dst, via, type, metric, routing_table)
+          @dst = dst
+          @via = via
+          @type = type
+          @metric = metric
+          @routing_table = routing_table
+        end
+      end
+
+      def build_route(dst, via, option = {})
         #puts "DST => "+dst.class.name+":"+dst.to_s
-        (unused, dst) = self.merge_tag(dst) { |dst| IPAddress.parse(dst) }
+        (unused, dst) = self.merge_tag(dst) { |dst| CqIpAddress.new(IPAddress.parse(dst), self) }
         metric = option['metric']
         if via == UNREACHABLE
           via = nil
@@ -152,14 +260,17 @@ module Construqt
           if via.nil?
             via = nil
           else
-            via = IPAddress.parse(via)
+            (unused, via) = self.merge_tag(via) { |via| CqIpAddress.new(IPAddress.parse(via), self) }
             throw "different type #{dst} #{via}" unless dst.ipv4? == via.ipv4? && dst.ipv6? == via.ipv6?
           end
-
           type = nil
         end
+        Route.new(dst, via, type, metric, option["routing-table"])
+      end
 
-        self.routes << OpenStruct.new("dst" => dst, "via" => via, "type" => type, "metric" => metric)
+
+      def add_route(dst, via, option = {})
+        @routes << build_route(dst, via, option)
         self
       end
 

data/lib/construqt/bgps.rb

@@ -90,23 +90,19 @@ module Construqt
       def addr_v_(cfg)
         [OpenStruct.new({:code=>4, :is? => lambda {|i| i.ipv4? }, :max_prefix=>32}),
          OpenStruct.new({:code=>6, :is? => lambda {|i| i.ipv6? }, :max_prefix=>128})].each do |family|
-          addr = cfg["addr_v#{family.code}"]
-          next unless addr
+          addrs = cfg["addr_v#{family.code}"]
+          next unless addrs
           cfg.delete("addr_v#{family.code}")
           addr_sub_prefix = cfg['addr_sub_prefix']
           cfg.delete('addr_sub_prefix')
+          throw "addrs must be array" unless addrs.kind_of?([].class)
           #puts addr.inspect
-          (addr.kind_of?(Construqt::Addresses::Address) ? [addr] : addr).each do |addr|
-            addr.ips.each do |net|
-              next unless family.is?.call(net)
-              network = Construqt::Addresses::Address.new
-              network.add_ip(net.to_string)
-              cfg = { 'network' => network }.merge(cfg)
-              cfg['prefix_length'] = [net.prefix,family.max_prefix] if addr_sub_prefix
-              @list << cfg
-            end
+          addrs.each do |net|
+            next unless family.is?.call(net)
+            out = ({ 'network' => Construqt::Addresses::Address.new.add_ip(net.to_string) }).merge(cfg)
+            out['prefix_length'] = [net.prefix,family.max_prefix] if addr_sub_prefix
+            @list << out
           end
-
           nil
         end
       end
@@ -115,6 +111,7 @@ module Construqt
         cfg = {}.merge(cfg)
         cfg['rule'] = 'accept'
         addr_v_(cfg)
+        throw "we need a network attribute" unless cfg['network']
         @list << cfg if cfg['network']
       end
 
@@ -122,6 +119,7 @@ module Construqt
         cfg = {}.merge(cfg)
         cfg['rule'] = 'reject'
         addr_v_(cfg)
+        throw "we need a network attribute" unless cfg['network']
         @list << cfg if cfg['network']
       end
     end

data/lib/construqt/firewalls.rb

@@ -9,6 +9,56 @@ module Construqt
       DROP = :DROP
     end
 
+    module ICMP
+      PingRequest = :ping_request
+    end
+
+    module FromToNetAddr
+      def from_net_addr(*adr)
+        @from_net_addr ||= []
+        @from_net_addr += adr
+        self
+      end
+      def get_from_net_addr
+        @from_net_addr || []
+      end
+
+      def to_net_addr(*adr)
+        @to_net_addr ||= []
+        @to_net_addr += adr
+        self
+      end
+      def get_to_net_addr
+        @to_net_addr || []
+      end
+    end
+
+    module InputOutputOnly
+      # the big side effect
+
+      def input_only?
+        (!@set && true) || @input_only
+      end
+
+      def output_only?
+        (!@set && true) || @output_only
+      end
+
+      def input_only
+        @set = true
+        @input_only = true
+        @output_only = false
+        self
+      end
+
+      def output_only
+        @set = true
+        @input_only = false
+        @output_only = true
+        self
+      end
+    end
+
     class Firewall
       def initialize(name)
         @name = name
@@ -16,6 +66,26 @@ module Construqt
         @nat = Nat.new(self)
         @forward = Forward.new(self)
         @host = Host.new(self)
+        @ipv4 = true
+        @ipv6 = true
+      end
+
+      def ipv4?
+        @ipv4
+      end
+      def only_ipv4
+        @ipv4 = true
+        @ipv6 = false
+        self.clone
+      end
+
+      def ipv6?
+        @ipv6
+      end
+      def only_ipv6
+        @ipv4 = false
+        @ipv6 = true
+        self.clone
       end
 
       def name
@@ -31,17 +101,19 @@ module Construqt
 
         class RawEntry
           include Util::Chainable
-          chainable_attr :prerouting, true, false, lambda{|i| @output = false; input_only(true); output_only(false) }
-          chainable_attr :input_only, true
-          chainable_attr :output, true, false, lambda {|i| @prerouting = false; input_only(false); output_only(true) }
-          chainable_attr :output_only, true
+          include FromToNetAddr
+          include InputOutputOnly
+          chainable_attr :prerouting, true, false, lambda{|i| @output = false; input_only }
+          chainable_attr :output, true, false, lambda {|i| @prerouting = false; output_only }
           chainable_attr :interface
-          chainable_attr :from_interface, true, false
+          chainable_attr :from_my_net, true, false
+          chainable_attr :to_my_net, true, false
           chainable_attr_value :from_net, nil
           chainable_attr_value :to, nil
           chainable_attr_value :to_net, nil
           chainable_attr_value :action, nil
 
+
           def initialize
             @from_is = nil
           end
@@ -54,6 +126,7 @@ module Construqt
           end
           def from_is(direction)
             @from_is = direction
+            self
           end
         end
 
@@ -86,16 +159,32 @@ module Construqt
 
         class NatEntry
           include Util::Chainable
-          chainable_attr :prerouting, true, false, lambda{|i| @postrouting = false; input_only(true); output_only(false) }
-          chainable_attr :input_only
-          chainable_attr :postrouting, true, false, lambda{|i| @prerouting = false; input_only(false); output_only(true) }
-          chainable_attr :output_only
+          include FromToNetAddr
+          include InputOutputOnly
+          chainable_attr :prerouting, true, false, lambda{|i| @postrouting = false; input_only }
+          chainable_attr :postrouting, true, false, lambda{|i| @prerouting = false; output_only }
           chainable_attr :to_source
           chainable_attr :interface
-          chainable_attr :from_interface, true, false
+          chainable_attr :from_my_net, true, false
+          chainable_attr :to_my_net, true, false
           chainable_attr_value :from_net, nil
           chainable_attr_value :to_net, nil
           chainable_attr_value :action, nil
+
+          def initialize
+            @from_is = nil
+          end
+
+          def from_is_inbound?
+            @from_is == :inbound
+          end
+          def from_is_outbound?
+            @from_is == :outbound
+          end
+          def from_is(direction)
+            @from_is = direction
+            self
+          end
         end
 
         def add
@@ -136,17 +225,26 @@ module Construqt
 
         class ForwardEntry
           include Util::Chainable
+          include FromToNetAddr
+          include InputOutputOnly
+
           chainable_attr :interface
           chainable_attr :connection
-          chainable_attr :input_only, true, true
-          chainable_attr :output_only, true, true
-          chainable_attr :from_interface, true, false
+          chainable_attr :from_my_net, true, false
+          chainable_attr :to_my_net, true, false
+          chainable_attr :from_route, true, false
           chainable_attr :connection
+          chainable_attr :link_local
+          chainable_attr :icmp
+          chainable_attr :esp
+          chainable_attr :ah
           chainable_attr :tcp
           chainable_attr :udp
+          chainable_attr :type, nil
           chainable_attr_value :log, nil
           chainable_attr_value :from_net, nil
           chainable_attr_value :to_net, nil
+          chainable_attr_value :to_host, nil
           chainable_attr_value :action, nil
 
           def initialize
@@ -161,6 +259,7 @@ module Construqt
           end
           def from_is(direction)
             @from_is = direction
+            self
           end
 
           def port(port)
@@ -198,9 +297,9 @@ module Construqt
         end
 
         class HostEntry < Forward::ForwardEntry
-          include Util::Chainable
-          chainable_attr :from_host
-          chainable_attr :to_host
+          #include Util::Chainable
+          alias_method :from_me, :from_my_net
+          alias_method :to_me, :to_my_net
         end
 
         def add