enfcli 4.0.0 → 5.0.0.pre.alpha
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/Dockerfile +2 -2
- data/.circleci/config.yml +5 -0
- data/Gemfile.lock +38 -26
- data/Makefile +7 -0
- data/README.md +52 -7
- data/enfcli.gemspec +28 -26
- data/format.sh +9 -0
- data/lib/enfapi.rb +184 -237
- data/lib/enfapi/dns.rb +95 -0
- data/lib/enfapi/firewall.rb +37 -0
- data/lib/enfapi/user.rb +75 -0
- data/lib/enfcli.rb +211 -111
- data/lib/enfcli/commands/captive.rb +518 -157
- data/lib/enfcli/commands/user.rb +208 -160
- data/lib/enfcli/commands/xcr.rb +151 -119
- data/lib/enfcli/commands/xdns.rb +65 -55
- data/lib/enfcli/commands/xfw.rb +37 -37
- data/lib/enfcli/commands/xiam.rb +87 -80
- data/lib/enfcli/version.rb +2 -2
- data/lib/enfthor.rb +38 -14
- metadata +65 -5
data/lib/enfcli/commands/xdns.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
#
|
2
|
-
# Copyright 2019 Xaptum,Inc
|
2
|
+
# Copyright 2019-2020 Xaptum,Inc
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -13,17 +13,16 @@
|
|
13
13
|
# See the License for the specific language governing permissions and
|
14
14
|
# limitations under the License.
|
15
15
|
#
|
16
|
-
require
|
17
|
-
require
|
16
|
+
require "enfthor"
|
17
|
+
require "enfapi/dns"
|
18
18
|
|
19
19
|
module EnfCli
|
20
20
|
module Cmd
|
21
|
-
|
22
21
|
class Xdns < EnfThor
|
23
|
-
DnsRecordType_AAAA =
|
24
|
-
DnsRecordType_TXT =
|
25
|
-
DnsRecordType_SRV =
|
26
|
-
DnsRecordType_CNAME =
|
22
|
+
DnsRecordType_AAAA = "AAAA"
|
23
|
+
DnsRecordType_TXT = "TXT"
|
24
|
+
DnsRecordType_SRV = "SRV"
|
25
|
+
DnsRecordType_CNAME = "CNAME"
|
27
26
|
DnsRecordTypes = [DnsRecordType_AAAA, DnsRecordType_CNAME, DnsRecordType_SRV, DnsRecordType_TXT]
|
28
27
|
|
29
28
|
no_commands {
|
@@ -35,13 +34,10 @@ module EnfCli
|
|
35
34
|
case type
|
36
35
|
when DnsRecordType_AAAA
|
37
36
|
value = value[:ipv6]
|
38
|
-
|
39
37
|
when DnsRecordType_CNAME
|
40
38
|
value = value[:dname]
|
41
|
-
|
42
39
|
when DnsRecordType_SRV
|
43
40
|
value = "#{value[:priority]} #{value[:weight]} #{value[:port]} #{value[:target]}"
|
44
|
-
|
45
41
|
when DnsRecordType_TXT
|
46
42
|
value = value[:txt]
|
47
43
|
end
|
@@ -50,33 +46,33 @@ module EnfCli
|
|
50
46
|
end
|
51
47
|
|
52
48
|
def display_zones_table(zones)
|
53
|
-
headings = [
|
54
|
-
rows = zones.map{ |hash|
|
55
|
-
[
|
49
|
+
headings = ["Id", "Zone", "Description", "Privileged", "Enf Domain"]
|
50
|
+
rows = zones.map { |hash|
|
51
|
+
[hash[:id], hash[:zone_domain_name], hash[:description], hash[:privileged], hash[:enf_domain]]
|
56
52
|
}
|
57
53
|
render_table(headings, rows)
|
58
54
|
end
|
59
55
|
|
60
56
|
def display_networks_table(networks)
|
61
|
-
headings = [
|
62
|
-
rows = networks.map{ |hash|
|
63
|
-
[
|
57
|
+
headings = ["Id", "Network"]
|
58
|
+
rows = networks.map { |hash|
|
59
|
+
[hash[:rowid], hash[:enf_network]]
|
64
60
|
}
|
65
61
|
render_table(headings, rows)
|
66
62
|
end
|
67
63
|
|
68
64
|
def display_records_table(records)
|
69
|
-
headings = [
|
70
|
-
rows = records.map{ |hash|
|
71
|
-
[
|
65
|
+
headings = ["Id", "Name", "Type", "Value", "TTL"]
|
66
|
+
rows = records.map { |hash|
|
67
|
+
[hash[:id], hash[:name], hash[:type], get_record_value(hash[:type], hash[:value]), hash[:ttl]]
|
72
68
|
}
|
73
69
|
render_table(headings, rows)
|
74
70
|
end
|
75
71
|
|
76
72
|
def display_servers_table(servers)
|
77
|
-
headings = [
|
78
|
-
rows = servers.map{ |hash|
|
79
|
-
[
|
73
|
+
headings = ["Id", "IPv6", "Network", "Description"]
|
74
|
+
rows = servers.map { |hash|
|
75
|
+
[hash[:id], hash[:ipv6], hash[:enf_network], hash[:description]]
|
80
76
|
}
|
81
77
|
render_table(headings, rows)
|
82
78
|
end
|
@@ -86,30 +82,38 @@ module EnfCli
|
|
86
82
|
method_option :'zone-domain-name', :type => :string, :required => true
|
87
83
|
method_option :description, :type => :array, :banner => "DESCRIPTION"
|
88
84
|
method_option :'enf-domain', :type => :string, :banner => "/48 Enf Domain"
|
85
|
+
method_option :'enf-network', :type => :string, :banner => "/64 Enf Network"
|
86
|
+
|
89
87
|
def create_zone
|
90
88
|
try_with_rescue_in_session do
|
91
89
|
## session
|
92
90
|
session = EnfCli::CTX.instance.session
|
93
91
|
|
94
92
|
## Gather parameters
|
95
|
-
zone_domain_name = options[
|
93
|
+
zone_domain_name = options["zone-domain-name"]
|
96
94
|
description = array_option_to_string(options.description) if options.description
|
97
|
-
|
98
|
-
|
99
|
-
enf_domain = options['enf-domain']
|
95
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
96
|
+
enf_domain = options["enf-domain"]
|
100
97
|
raise "No value provided for required options '--enf-domain'" unless enf_domain
|
101
|
-
|
102
98
|
else
|
103
|
-
enf_domain = session[:
|
99
|
+
enf_domain = session[:domain]
|
100
|
+
end
|
101
|
+
|
102
|
+
enf_network = options["enf-network"]
|
103
|
+
unless EnfCli::CTX.instance.edit_domain_role?
|
104
|
+
raise "No value provided for required option '--enf-network'" unless enf_network
|
104
105
|
end
|
105
106
|
|
106
107
|
## create request hash
|
107
108
|
new_zone = {
|
108
109
|
:zone_domain_name => zone_domain_name,
|
109
110
|
:description => description,
|
110
|
-
:enf_domain => enf_domain
|
111
|
+
:enf_domain => enf_domain,
|
111
112
|
}
|
112
113
|
|
114
|
+
## add enf_network to request if present
|
115
|
+
new_zone[:enf_network] = enf_network if enf_network
|
116
|
+
|
113
117
|
## call api
|
114
118
|
data = EnfApi::Dns.instance.create_dns_zone new_zone
|
115
119
|
zones = data[:data]
|
@@ -123,18 +127,17 @@ module EnfCli
|
|
123
127
|
|
124
128
|
desc "list-zones", "List DNS Zones"
|
125
129
|
method_option :'enf-domain', :type => :string, :banner => "/48 Enf Domain"
|
130
|
+
|
126
131
|
def list_zones
|
127
132
|
try_with_rescue_in_session do
|
128
133
|
## session
|
129
134
|
session = EnfCli::CTX.instance.session
|
130
135
|
|
131
|
-
|
132
|
-
|
133
|
-
enf_domain = options['enf-domain']
|
136
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
137
|
+
enf_domain = options["enf-domain"]
|
134
138
|
raise "No value provided for required options '--enf-domain'" unless enf_domain
|
135
|
-
|
136
139
|
else
|
137
|
-
enf_domain = session[:
|
140
|
+
enf_domain = session[:domain]
|
138
141
|
end
|
139
142
|
|
140
143
|
## call api
|
@@ -148,6 +151,7 @@ module EnfCli
|
|
148
151
|
|
149
152
|
desc "delete-zone", "Delete a DNS zone"
|
150
153
|
method_option :'zone-id', :type => :string, :required => true
|
154
|
+
|
151
155
|
def delete_zone
|
152
156
|
try_with_rescue_in_session do
|
153
157
|
zone_id = options[:'zone-id']
|
@@ -162,6 +166,7 @@ module EnfCli
|
|
162
166
|
desc "update-zone", "Update a DNS zone description"
|
163
167
|
method_option :'zone-id', :type => :string, :required => true
|
164
168
|
method_option :description, :type => :array, :banner => "DESCRIPTION", :required => true
|
169
|
+
|
165
170
|
def update_zone
|
166
171
|
try_with_rescue_in_session do
|
167
172
|
## get parameters
|
@@ -169,7 +174,7 @@ module EnfCli
|
|
169
174
|
|
170
175
|
## update request
|
171
176
|
update_zone_req = {
|
172
|
-
:description => description
|
177
|
+
:description => description,
|
173
178
|
}
|
174
179
|
|
175
180
|
## call api
|
@@ -184,15 +189,16 @@ module EnfCli
|
|
184
189
|
desc "add-networks-to-zone", "Add /64 networks to DNS zone"
|
185
190
|
method_option :'zone-id', :type => :string, :required => true
|
186
191
|
method_option :networks, :type => :array, :banner => "NETWORKS", :required => true
|
192
|
+
|
187
193
|
def add_networks_to_zone
|
188
194
|
try_with_rescue_in_session do
|
189
195
|
## gather parameters
|
190
196
|
zone_id = options[:'zone-id']
|
191
|
-
networks = array_option_to_string(options[:networks]).split(",").map{ |x| x.strip }
|
197
|
+
networks = array_option_to_string(options[:networks]).split(",").map { |x| x.strip }
|
192
198
|
|
193
199
|
## add networks request
|
194
200
|
add_networks_req = {
|
195
|
-
:networks => networks
|
201
|
+
:networks => networks,
|
196
202
|
}
|
197
203
|
|
198
204
|
## call api
|
@@ -207,6 +213,7 @@ module EnfCli
|
|
207
213
|
|
208
214
|
desc "list-networks-in-zone", "List /64 networks in DNS zone"
|
209
215
|
method_option :'zone-id', :type => :string, :required => true
|
216
|
+
|
210
217
|
def list_networks_in_zone
|
211
218
|
try_with_rescue_in_session do
|
212
219
|
## gather parameters
|
@@ -224,6 +231,7 @@ module EnfCli
|
|
224
231
|
desc "delete-networks-from-zone", "Delete /64 networks from DNS zone"
|
225
232
|
method_option :'zone-id', :type => :string, :required => true
|
226
233
|
method_option :networks, :type => :array, :banner => "NETWORKS", :required => true
|
234
|
+
|
227
235
|
def delete_networks_from_zone
|
228
236
|
try_with_rescue_in_session do
|
229
237
|
## gather parameters
|
@@ -241,15 +249,16 @@ module EnfCli
|
|
241
249
|
desc "replace-networks-in-zone", "Replace /64 networks in DNS zone"
|
242
250
|
method_option :'zone-id', :type => :string, :required => true
|
243
251
|
method_option :networks, :type => :array, :banner => "NETWORKS", :required => true
|
252
|
+
|
244
253
|
def replace_networks_in_zone
|
245
254
|
try_with_rescue_in_session do
|
246
255
|
## gather parameters
|
247
256
|
zone_id = options[:'zone-id']
|
248
|
-
networks = array_option_to_string(options[:networks]).split(",").map{ |x| x.strip }
|
257
|
+
networks = array_option_to_string(options[:networks]).split(",").map { |x| x.strip }
|
249
258
|
|
250
259
|
## replace networks request
|
251
260
|
replace_networks_req = {
|
252
|
-
:networks => networks
|
261
|
+
:networks => networks,
|
253
262
|
}
|
254
263
|
|
255
264
|
## call api
|
@@ -262,6 +271,7 @@ module EnfCli
|
|
262
271
|
|
263
272
|
desc "list-zones-in-network", "List DNS Zones in /64 Network"
|
264
273
|
method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
|
274
|
+
|
265
275
|
def list_zones_in_network
|
266
276
|
try_with_rescue_in_session do
|
267
277
|
## gather parameters
|
@@ -278,11 +288,12 @@ module EnfCli
|
|
278
288
|
|
279
289
|
desc "create-record", "Create a DNS record"
|
280
290
|
method_option :'zone-id', :type => :string, :required => true
|
281
|
-
method_option :name, :type => :string, :banner =>
|
282
|
-
|
283
|
-
method_option :'type',
|
291
|
+
method_option :name, :type => :string, :banner => "<name>",
|
292
|
+
:desc => "<name> is DNS record name. Enter . to create a record with the zone domain name"
|
293
|
+
method_option :'type', :type => :string, :required => true, :enum => DnsRecordTypes
|
284
294
|
method_option :ttl, :type => :numeric, :required => true
|
285
|
-
method_option :value, :type => :array, :required => true, :banner =>
|
295
|
+
method_option :value, :type => :array, :required => true, :banner => "VALUE"
|
296
|
+
|
286
297
|
def create_record
|
287
298
|
try_with_rescue_in_session do
|
288
299
|
## gather parameters
|
@@ -297,28 +308,23 @@ module EnfCli
|
|
297
308
|
when DnsRecordType_AAAA
|
298
309
|
ipv6 = EnfCli::IPV6.new(value).to_s
|
299
310
|
value = { :ipv6 => ipv6 }
|
300
|
-
|
301
311
|
when DnsRecordType_CNAME
|
302
312
|
value = { :dname => value }
|
303
|
-
|
304
313
|
when DnsRecordType_SRV
|
305
314
|
raise "Invalid value for #{DnsRecordType_SRV} record" unless options.value.length == 4
|
306
315
|
value = { :priority => Integer(options.value[0]),
|
307
316
|
:weight => Integer(options.value[1]),
|
308
317
|
:port => Integer(options.value[2]),
|
309
|
-
:target => options.value[3]
|
310
|
-
}
|
311
|
-
|
318
|
+
:target => options.value[3] }
|
312
319
|
when DnsRecordType_TXT
|
313
320
|
value = { :txt => value }
|
314
321
|
end
|
315
322
|
|
316
|
-
|
317
323
|
## create request hash
|
318
324
|
new_record = {
|
319
325
|
:type => type,
|
320
326
|
:ttl => ttl,
|
321
|
-
:value => value
|
327
|
+
:value => value,
|
322
328
|
}
|
323
329
|
|
324
330
|
## optionally add name to request hash
|
@@ -336,6 +342,7 @@ module EnfCli
|
|
336
342
|
|
337
343
|
desc "list-records", "List DNS records in a DNS zone"
|
338
344
|
method_option :'zone-id', :type => :string, :required => true
|
345
|
+
|
339
346
|
def list_records
|
340
347
|
try_with_rescue_in_session do
|
341
348
|
## gather parameters
|
@@ -353,7 +360,8 @@ module EnfCli
|
|
353
360
|
desc "query", "Query DNS for a record"
|
354
361
|
method_option :'network', :type => :string, :required => true, :banner => "/64 Enf Network"
|
355
362
|
method_option :name, :type => :string, :required => true
|
356
|
-
method_option :'type',
|
363
|
+
method_option :'type', :type => :string, :required => true, :enum => DnsRecordTypes
|
364
|
+
|
357
365
|
def query
|
358
366
|
try_with_rescue_in_session do
|
359
367
|
## gather parameters
|
@@ -372,6 +380,7 @@ module EnfCli
|
|
372
380
|
|
373
381
|
desc "delete-record", "Delete a DNS record"
|
374
382
|
method_option :'id', :type => :string, :required => true
|
383
|
+
|
375
384
|
def delete_record
|
376
385
|
try_with_rescue_in_session do
|
377
386
|
## gather parameters
|
@@ -389,6 +398,7 @@ module EnfCli
|
|
389
398
|
method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
|
390
399
|
method_option :'ipv6', :type => :string
|
391
400
|
method_option :description, :type => :array, :banner => "DESCRIPTION"
|
401
|
+
|
392
402
|
def provision_server
|
393
403
|
try_with_rescue_in_session do
|
394
404
|
## gather parameters
|
@@ -398,7 +408,7 @@ module EnfCli
|
|
398
408
|
|
399
409
|
new_server = {
|
400
410
|
:ipv6 => ipv6,
|
401
|
-
:description => description
|
411
|
+
:description => description,
|
402
412
|
}
|
403
413
|
|
404
414
|
## call API
|
@@ -412,6 +422,7 @@ module EnfCli
|
|
412
422
|
|
413
423
|
desc "list-servers", "List DNS server in /64 network"
|
414
424
|
method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
|
425
|
+
|
415
426
|
def list_servers
|
416
427
|
try_with_rescue_in_session do
|
417
428
|
## gather parameters
|
@@ -429,6 +440,7 @@ module EnfCli
|
|
429
440
|
desc "delete-server", "Delete DNS server in /64 network"
|
430
441
|
method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
|
431
442
|
method_option :'ipv6', :type => :string, :banner => "Server Ipv6", :required => true
|
443
|
+
|
432
444
|
def delete_server
|
433
445
|
try_with_rescue_in_session do
|
434
446
|
## gather parameters
|
@@ -442,8 +454,6 @@ module EnfCli
|
|
442
454
|
say "Delete DNS server with ipv6 #{ipv6} in #{network}!", :green
|
443
455
|
end
|
444
456
|
end
|
445
|
-
|
446
457
|
end # Xdns
|
447
|
-
|
448
458
|
end # Cmd module
|
449
459
|
end # EnfCli module
|
data/lib/enfcli/commands/xfw.rb
CHANGED
@@ -13,27 +13,26 @@
|
|
13
13
|
# See the License for the specific language governing permissions and
|
14
14
|
# limitations under the License.
|
15
15
|
#
|
16
|
-
require
|
17
|
-
require
|
18
|
-
require
|
19
|
-
require
|
20
|
-
require
|
21
|
-
require
|
16
|
+
require "enfthor"
|
17
|
+
require "enfapi/firewall"
|
18
|
+
require "base64"
|
19
|
+
require "digest"
|
20
|
+
require "openssl"
|
21
|
+
require "ipaddr"
|
22
22
|
|
23
23
|
module EnfCli
|
24
24
|
module Cmd
|
25
|
-
|
26
25
|
class Xfw < EnfThor
|
27
26
|
no_commands {
|
28
|
-
def display_firewall_rules
|
29
|
-
headings = [
|
30
|
-
rows = rules.map{ |hash|
|
31
|
-
[
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
27
|
+
def display_firewall_rules(rules)
|
28
|
+
headings = ["Id", "Priority", "Protocol", "Direction", "Source", "Source Port", "Destination", "Destination Port", "Action"]
|
29
|
+
rows = rules.map { |hash|
|
30
|
+
[hash[:id], hash[:priority], hash[:protocol], hash[:direction],
|
31
|
+
hash[:source_ip] == "" ? "*" : hash[:source_ip],
|
32
|
+
hash[:source_port] == 0 ? "*" : hash[:source_port],
|
33
|
+
hash[:dest_ip] == "" ? "*" : hash[:dest_ip],
|
34
|
+
hash[:dest_port] == 0 ? "*" : hash[:dest_port],
|
35
|
+
hash[:action]]
|
37
36
|
}
|
38
37
|
render_table(headings, rows)
|
39
38
|
end
|
@@ -41,40 +40,41 @@ module EnfCli
|
|
41
40
|
|
42
41
|
desc "list-firewall-rules", "List all firewall rules in a /64 network"
|
43
42
|
method_option :network, :type => :string, :required => true
|
43
|
+
|
44
44
|
def list_firewall_rules
|
45
45
|
try_with_rescue_in_session do
|
46
46
|
# call the api
|
47
47
|
rules = EnfApi::Firewall.instance.list_firewall_rules options[:network]
|
48
48
|
|
49
49
|
# display empty table and return
|
50
|
-
if rules.length == 0
|
50
|
+
if rules.length == 0
|
51
51
|
display_firewall_rules rules
|
52
52
|
return
|
53
53
|
end
|
54
54
|
|
55
55
|
# sort the rules by direction, priority
|
56
|
-
sorted_rules = rules.sort{ |x,y|
|
56
|
+
sorted_rules = rules.sort { |x, y|
|
57
57
|
r = x[:direction] <=> y[:direction]
|
58
|
-
if r == 0
|
58
|
+
if r == 0
|
59
59
|
x[:priority] <=> y[:priority]
|
60
60
|
else
|
61
61
|
r
|
62
62
|
end
|
63
63
|
}
|
64
|
-
|
64
|
+
|
65
65
|
# chunk them into egress/ingress arrays
|
66
66
|
egress_rules = Array.new
|
67
67
|
ingress_rules = Array.new
|
68
|
-
sorted_rules.each{ |rule|
|
69
|
-
if rule[:direction] ==
|
68
|
+
sorted_rules.each { |rule|
|
69
|
+
if rule[:direction] == "INGRESS"
|
70
70
|
ingress_rules << rule
|
71
71
|
else
|
72
72
|
egress_rules << rule
|
73
73
|
end
|
74
74
|
}
|
75
|
-
|
75
|
+
|
76
76
|
# display data
|
77
|
-
if egress_rules.length > 0
|
77
|
+
if egress_rules.length > 0
|
78
78
|
say "Egress firewall rules(Endpoint -> ENF)", :yellow
|
79
79
|
display_firewall_rules egress_rules
|
80
80
|
|
@@ -82,7 +82,7 @@ module EnfCli
|
|
82
82
|
say ""
|
83
83
|
end
|
84
84
|
|
85
|
-
if ingress_rules.length > 0
|
85
|
+
if ingress_rules.length > 0
|
86
86
|
say "Ingress firewall rules(ENF -> Endpoint)", :yellow
|
87
87
|
display_firewall_rules ingress_rules
|
88
88
|
end
|
@@ -92,28 +92,28 @@ module EnfCli
|
|
92
92
|
desc "add-firewall-rule", "Add a firewall rule to a /64 network"
|
93
93
|
method_option :network, :type => :string, :required => true
|
94
94
|
method_option :priority, :type => :numeric, :required => true
|
95
|
-
method_option :protocol, :type => :string, :required => true, :enum => [
|
95
|
+
method_option :protocol, :type => :string, :required => true, :enum => ["TCP", "UDP", "ICMP6", "6", "17", "58"]
|
96
96
|
method_option :source_ip, :type => :string
|
97
97
|
method_option :source_port, :type => :numeric
|
98
98
|
method_option :dest_ip, :type => :string
|
99
99
|
method_option :dest_port, :type => :numeric
|
100
|
-
method_option :direction, :type => :string, :required => true, :enum => [
|
101
|
-
method_option :action, :type => :string, :required => true, :enum => [
|
102
|
-
|
100
|
+
method_option :direction, :type => :string, :required => true, :enum => ["EGRESS", "INGRESS"]
|
101
|
+
method_option :action, :type => :string, :required => true, :enum => ["ACCEPT", "DROP"]
|
102
|
+
|
103
103
|
def add_firewall_rule
|
104
|
-
protocol_map = {
|
104
|
+
protocol_map = { "TCP" => "TCP", "UDP" => "UDP", "ICMP6" => "ICMP6", "6" => "TCP", "17" => "UDP", "58" => "ICMP6" }
|
105
105
|
try_with_rescue_in_session do
|
106
106
|
# get options
|
107
107
|
rule = {
|
108
|
-
:ip_family =>
|
108
|
+
:ip_family => "IP6",
|
109
109
|
:priority => options[:priority],
|
110
|
-
:protocol => protocol_map[
|
111
|
-
:source_ip => options[:source_ip] ? options[:source_ip] :
|
110
|
+
:protocol => protocol_map[options[:protocol]],
|
111
|
+
:source_ip => options[:source_ip] ? options[:source_ip] : "*",
|
112
112
|
:source_port => options[:source_port] ? options[:source_port] : 0,
|
113
|
-
:dest_ip => options[:dest_ip] ? options[:dest_ip] :
|
113
|
+
:dest_ip => options[:dest_ip] ? options[:dest_ip] : "*",
|
114
114
|
:dest_port => options[:dest_port] ? options[:dest_port] : 0,
|
115
115
|
:direction => options[:direction],
|
116
|
-
:action => options[:action]
|
116
|
+
:action => options[:action],
|
117
117
|
}
|
118
118
|
|
119
119
|
# call the api
|
@@ -127,6 +127,7 @@ module EnfCli
|
|
127
127
|
desc "delete-firewall-rule", "Delete a firewall rule"
|
128
128
|
method_option :network, :type => :string, :required => true
|
129
129
|
method_option :id, :type => :string, :required => true
|
130
|
+
|
130
131
|
def delete_firewall_rule
|
131
132
|
try_with_rescue_in_session do
|
132
133
|
# call the api
|
@@ -144,8 +145,7 @@ module EnfCli
|
|
144
145
|
# raise EnfCli::ERROR, "User Session not establised!" if !session
|
145
146
|
# EnfApi::Firewall.instance.delete_firewall_rules options[:network]
|
146
147
|
# end
|
147
|
-
|
148
|
-
end
|
149
148
|
|
149
|
+
end
|
150
150
|
end
|
151
151
|
end
|