infrataster-plugin-firewall 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -2
  3. data/RELEASE_NOTES.md +10 -0
  4. data/lib/infrataster/contexts/firewall_context.rb +11 -7
  5. data/lib/infrataster/plugin/firewall/capture.rb +3 -3
  6. data/lib/infrataster/plugin/firewall/transfer.rb +4 -4
  7. data/lib/infrataster/plugin/firewall/version.rb +1 -1
  8. data/spec/integration/firewall_spec.rb +2 -0
  9. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 36a35d83702e05bc1eb186299fd7007e1f9fa27d
4
- data.tar.gz: cdb6310a44878446dd3d72e2888f6eb37f6fb7de
3
+ metadata.gz: 5c6fb638743aa14b0bfdcb5aaffa6ae8b4af64d5
4
+ data.tar.gz: ffae74342cd92a04bf17796f4b4509bdcfd445ab
5
5
  SHA512:
6
- metadata.gz: 536be10b3c0f5b31b36731083402785f3371cc6a5b09ce07053a6545dbc1edf5cbcd350bfa83fafbf9e4574d6655229e6833bb85fb8e80f68f187fb241ca1e05
7
- data.tar.gz: 5c45ad6042cd4429bf2ba4766587f9a56c36edd978e9455ad08264e8fad8e89fce07e5262ba4a3e1da360ba149397547980bf07d81b3b642a02261b727b415d0
6
+ metadata.gz: 472b21cf931b06826e6fe510dc1013d63974c1688fc90dbbce73b8efafbdf61d0c39b764cb4e83308bb58fdfab247cda0d276ec71bfa87c8abcfb0f86a2e94c9
7
+ data.tar.gz: fb4b7b7354ad85674f26df7a0ed4f00f883cc08b6157107ea40838e5fcfaec261de2665d25cd8102f2f8195514f015863fddbf4c4e9daf3a0a26c68c35b66b02
data/README.md CHANGED
@@ -34,6 +34,8 @@ describe server(:src) do
34
34
  it { is_expected.to be_reachable.dest_port(80) } #TCP:80
35
35
  it { is_expected.to be_reachable.tcp.dest_port(80) }
36
36
  it { is_expected.to be_reachable.udp.dest_port(53) }
37
+ it { is_expected.to be_reachable.dest_port('80/tcp') }
38
+ it { is_expected.to be_reachable.dest_port('53/udp') }
37
39
  it { is_expected.to be_reachable.tcp.dest_port(80).source_port(30123) }
38
40
  end
39
41
  end
@@ -50,13 +52,18 @@ server 'src'
50
52
  should reach to server 'dst' dest_port: 80
51
53
  should reach to server 'dst' tcp dest_port: 80
52
54
  should reach to server 'dst' udp dest_port: 53
55
+ should reach to server 'dst' dest_port: 80/tcp
56
+ should reach to server 'dst' dest_port: 53/udp
53
57
  should reach to server 'dst' tcp dest_port: 80 source_port: 30123
54
58
 
55
- Finished in 15.87 seconds (files took 0.58711 seconds to load)
56
- 5 examples, 0 failures
59
+ Finished in 21.35 seconds (files took 0.7851 seconds to load)
60
+ 7 examples, 0 failures
57
61
  $
58
62
  ```
59
63
 
64
+ ## Release Notes
65
+
66
+ [Release Notes](./RELEASE_NOTES.md)
60
67
 
61
68
  ## Contributing
62
69
 
data/RELEASE_NOTES.md ADDED
@@ -0,0 +1,10 @@
1
+ # Release Notes
2
+
3
+ ## v0.1.1
4
+
5
+ * Add acceptable port format like 80/tcp.
6
+ * Change default timeout to 5 to 3 sec.
7
+
8
+ ## v0.1.0
9
+
10
+ * First Release.
data/lib/infrataster/contexts/firewall_context.rb CHANGED
@@ -19,35 +19,39 @@ module Infrataster
19
19
 
20
20
  chain :icmp do
21
21
  @options ||= {}
22
- @options.merge!(protocol: :ICMP) unless @options[:protocol]
22
+ @options.merge!(protocol: :icmp) unless @options[:protocol]
23
23
  end
24
24
 
25
25
  chain :tcp do
26
26
  @options ||= {}
27
- @options.merge!(protocol: :TCP) unless @options[:protocol]
27
+ @options.merge!(protocol: :tcp) unless @options[:protocol]
28
28
  @chain_string ||= ''
29
29
  @chain_string += ' tcp'
30
30
  end
31
31
 
32
32
  chain :udp do
33
33
  @options ||= {}
34
- @options.merge!(protocol: :UDP) unless @options[:protocol]
34
+ @options.merge!(protocol: :udp) unless @options[:protocol]
35
35
  @chain_string ||= ''
36
36
  @chain_string += ' udp'
37
37
  end
38
38
 
39
39
  chain :dest_port do |port|
40
+ port_number, protocol = port.to_s.split('/')
40
41
  @options ||= {}
41
- @options.merge!(dest_port: port)
42
- @options.merge!(protocol: :TCP) unless @options[:protocol]
42
+ @options.merge!(dest_port: port_number)
43
+ @options.merge!(protocol: protocol.to_sym) if protocol
44
+ @options.merge!(protocol: :tcp) unless @options[:protocol]
43
45
  @chain_string ||= ''
44
46
  @chain_string += " dest_port: #{port}"
45
47
  end
46
48
 
47
49
  chain :source_port do |port|
50
+ port_number, protocol = port.to_s.split('/')
48
51
  @options ||= {}
49
- @options.merge!(source_port: port)
50
- @options.merge!(protocol: :TCP) unless @options[:protocol]
52
+ @options.merge!(source_port: port_number)
53
+ @options.merge!(protocol: protocol.to_sym) if protocol
54
+ @options.merge!(protocol: :tcp) unless @options[:protocol]
51
55
  @chain_string ||= ''
52
56
  @chain_string += " source_port: #{port}"
53
57
  end
data/lib/infrataster/plugin/firewall/capture.rb CHANGED
@@ -6,12 +6,12 @@ module Infrataster
6
6
  class Capture
7
7
  attr_reader :result, :output
8
8
 
9
- def initialize(node, bpf = nil, term_sec = nil)
9
+ def initialize(node, bpf = nil, term_sec = 3)
10
10
  @node = node.respond_to?(:server) ? node.server :
11
11
  Net::SSH.start(node, config: true)
12
- @bpf = bpf ? bpf : ''
12
+ @bpf = bpf
13
13
  @connected = false
14
- @term_sec = term_sec ? term_sec : 5
14
+ @term_sec = term_sec
15
15
  @thread = nil
16
16
  @ssh = nil
17
17
  @result = false
data/lib/infrataster/plugin/firewall/transfer.rb CHANGED
@@ -7,16 +7,16 @@ module Infrataster
7
7
  def initialize(src_node, dest_node, options = {})
8
8
  @src_node = src_node
9
9
  @dest_node = dest_node
10
- @protocol = options[:protocol] ? options[:protocol] : :ICMP
10
+ @protocol = options[:protocol] ? options[:protocol] : :icmp
11
11
  @dest_port = options[:dest_port] ? options[:dest_port] : 80
12
12
  @source_port = options[:source_port] ? options[:source_port] : nil
13
13
  end
14
14
 
15
15
  def reachable?
16
16
  case @protocol
17
- when :ICMP
17
+ when :icmp
18
18
  icmp_reachable?
19
- when :TCP, :UDP
19
+ when :tcp, :udp
20
20
  transport_reachable?
21
21
  end
22
22
  end
@@ -39,7 +39,7 @@ module Infrataster
39
39
  bpf = Capture.bpf(bpf_options)
40
40
  capture = Capture.new(@dest_node, bpf)
41
41
  capture.open do
42
- nc_option = @protocol == :UDP ? '-u' : '-t'
42
+ nc_option = @protocol == :udp ? '-u' : '-t'
43
43
  nc_option += @source_port ? " -p #{@source_port}" : ''
44
44
  @src_node.server
45
45
  .ssh_exec("echo test|nc #{dest_addr} #{@dest_port} #{nc_option}")
data/lib/infrataster/plugin/firewall/version.rb CHANGED
@@ -2,7 +2,7 @@ module Infrataster
2
2
  module Plugin
3
3
  # Infrataster plugin for firewall
4
4
  module Firewall
5
- VERSION = '0.1.0'
5
+ VERSION = '0.1.1'
6
6
  end
7
7
  end
8
8
  end
data/spec/integration/firewall_spec.rb CHANGED
@@ -6,6 +6,8 @@ describe server(:src) do
6
6
  it { is_expected.to be_reachable.dest_port(80) }
7
7
  it { is_expected.to be_reachable.tcp.dest_port(80) }
8
8
  it { is_expected.to be_reachable.udp.dest_port(53) }
9
+ it { is_expected.to be_reachable.dest_port('80/tcp') }
10
+ it { is_expected.to be_reachable.dest_port('53/udp') }
9
11
  it { is_expected.to be_reachable.tcp.dest_port(80).source_port(30123) }
10
12
  end
11
13
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: infrataster-plugin-firewall
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Hiroshi Ota
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-04-15 00:00:00.000000000 Z
11
+ date: 2015-04-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: infrataster
@@ -121,6 +121,7 @@ files:
121
121
  - Gemfile
122
122
  - LICENSE.txt
123
123
  - README.md
124
+ - RELEASE_NOTES.md
124
125
  - Rakefile
125
126
  - infrataster-plugin-firewall.gemspec
126
127
  - lib/infrataster-plugin-firewall.rb