infrataster-plugin-firewall 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -2
  3. data/RELEASE_NOTES.md +10 -0
  4. data/lib/infrataster/contexts/firewall_context.rb +11 -7
  5. data/lib/infrataster/plugin/firewall/capture.rb +3 -3
  6. data/lib/infrataster/plugin/firewall/transfer.rb +4 -4
  7. data/lib/infrataster/plugin/firewall/version.rb +1 -1
  8. data/spec/integration/firewall_spec.rb +2 -0
  9. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 36a35d83702e05bc1eb186299fd7007e1f9fa27d
4
- data.tar.gz: cdb6310a44878446dd3d72e2888f6eb37f6fb7de
3
+ metadata.gz: 5c6fb638743aa14b0bfdcb5aaffa6ae8b4af64d5
4
+ data.tar.gz: ffae74342cd92a04bf17796f4b4509bdcfd445ab
5
5
  SHA512:
6
- metadata.gz: 536be10b3c0f5b31b36731083402785f3371cc6a5b09ce07053a6545dbc1edf5cbcd350bfa83fafbf9e4574d6655229e6833bb85fb8e80f68f187fb241ca1e05
7
- data.tar.gz: 5c45ad6042cd4429bf2ba4766587f9a56c36edd978e9455ad08264e8fad8e89fce07e5262ba4a3e1da360ba149397547980bf07d81b3b642a02261b727b415d0
6
+ metadata.gz: 472b21cf931b06826e6fe510dc1013d63974c1688fc90dbbce73b8efafbdf61d0c39b764cb4e83308bb58fdfab247cda0d276ec71bfa87c8abcfb0f86a2e94c9
7
+ data.tar.gz: fb4b7b7354ad85674f26df7a0ed4f00f883cc08b6157107ea40838e5fcfaec261de2665d25cd8102f2f8195514f015863fddbf4c4e9daf3a0a26c68c35b66b02
data/README.md CHANGED
@@ -34,6 +34,8 @@ describe server(:src) do
34
34
  it { is_expected.to be_reachable.dest_port(80) } #TCP:80
35
35
  it { is_expected.to be_reachable.tcp.dest_port(80) }
36
36
  it { is_expected.to be_reachable.udp.dest_port(53) }
37
+ it { is_expected.to be_reachable.dest_port('80/tcp') }
38
+ it { is_expected.to be_reachable.dest_port('53/udp') }
37
39
  it { is_expected.to be_reachable.tcp.dest_port(80).source_port(30123) }
38
40
  end
39
41
  end
@@ -50,13 +52,18 @@ server 'src'
50
52
  should reach to server 'dst' dest_port: 80
51
53
  should reach to server 'dst' tcp dest_port: 80
52
54
  should reach to server 'dst' udp dest_port: 53
55
+ should reach to server 'dst' dest_port: 80/tcp
56
+ should reach to server 'dst' dest_port: 53/udp
53
57
  should reach to server 'dst' tcp dest_port: 80 source_port: 30123
54
58
 
55
- Finished in 15.87 seconds (files took 0.58711 seconds to load)
56
- 5 examples, 0 failures
59
+ Finished in 21.35 seconds (files took 0.7851 seconds to load)
60
+ 7 examples, 0 failures
57
61
  $
58
62
  ```
59
63
 
64
+ ## Release Notes
65
+
66
+ [Release Notes](./RELEASE_NOTES.md)
60
67
 
61
68
  ## Contributing
62
69
 
data/RELEASE_NOTES.md ADDED
@@ -0,0 +1,10 @@
1
+ # Release Notes
2
+
3
+ ## v0.1.1
4
+
5
+ * Add acceptable port format like 80/tcp.
6
+ * Change default timeout to 5 to 3 sec.
7
+
8
+ ## v0.1.0
9
+
10
+ * First Release.
data/lib/infrataster/contexts/firewall_context.rb CHANGED
@@ -19,35 +19,39 @@ module Infrataster
19
19
 
20
20
  chain :icmp do
21
21
  @options ||= {}
22
- @options.merge!(protocol: :ICMP) unless @options[:protocol]
22
+ @options.merge!(protocol: :icmp) unless @options[:protocol]
23
23
  end
24
24
 
25
25
  chain :tcp do
26
26
  @options ||= {}
27
- @options.merge!(protocol: :TCP) unless @options[:protocol]
27
+ @options.merge!(protocol: :tcp) unless @options[:protocol]
28
28
  @chain_string ||= ''
29
29
  @chain_string += ' tcp'
30
30
  end
31
31
 
32
32
  chain :udp do
33
33
  @options ||= {}
34
- @options.merge!(protocol: :UDP) unless @options[:protocol]
34
+ @options.merge!(protocol: :udp) unless @options[:protocol]
35
35
  @chain_string ||= ''
36
36
  @chain_string += ' udp'
37
37
  end
38
38
 
39
39
  chain :dest_port do |port|
40
+ port_number, protocol = port.to_s.split('/')
40
41
  @options ||= {}
41
- @options.merge!(dest_port: port)
42
- @options.merge!(protocol: :TCP) unless @options[:protocol]
42
+ @options.merge!(dest_port: port_number)
43
+ @options.merge!(protocol: protocol.to_sym) if protocol
44
+ @options.merge!(protocol: :tcp) unless @options[:protocol]
43
45
  @chain_string ||= ''
44
46
  @chain_string += " dest_port: #{port}"
45
47
  end
46
48
 
47
49
  chain :source_port do |port|
50
+ port_number, protocol = port.to_s.split('/')
48
51
  @options ||= {}
49
- @options.merge!(source_port: port)
50
- @options.merge!(protocol: :TCP) unless @options[:protocol]
52
+ @options.merge!(source_port: port_number)
53
+ @options.merge!(protocol: protocol.to_sym) if protocol
54
+ @options.merge!(protocol: :tcp) unless @options[:protocol]
51
55
  @chain_string ||= ''
52
56
  @chain_string += " source_port: #{port}"
53
57
  end
data/lib/infrataster/plugin/firewall/capture.rb CHANGED
@@ -6,12 +6,12 @@ module Infrataster
6
6
  class Capture
7
7
  attr_reader :result, :output
8
8
 
9
- def initialize(node, bpf = nil, term_sec = nil)
9
+ def initialize(node, bpf = nil, term_sec = 3)
10
10
  @node = node.respond_to?(:server) ? node.server :
11
11
  Net::SSH.start(node, config: true)
12
- @bpf = bpf ? bpf : ''
12
+ @bpf = bpf
13
13
  @connected = false
14
- @term_sec = term_sec ? term_sec : 5
14
+ @term_sec = term_sec
15
15
  @thread = nil
16
16
  @ssh = nil
17
17
  @result = false
data/lib/infrataster/plugin/firewall/transfer.rb CHANGED
@@ -7,16 +7,16 @@ module Infrataster
7
7
  def initialize(src_node, dest_node, options = {})
8
8
  @src_node = src_node
9
9
  @dest_node = dest_node
10
- @protocol = options[:protocol] ? options[:protocol] : :ICMP
10
+ @protocol = options[:protocol] ? options[:protocol] : :icmp
11
11
  @dest_port = options[:dest_port] ? options[:dest_port] : 80
12
12
  @source_port = options[:source_port] ? options[:source_port] : nil
13
13
  end
14
14
 
15
15
  def reachable?
16
16
  case @protocol
17
- when :ICMP
17
+ when :icmp
18
18
  icmp_reachable?
19
- when :TCP, :UDP
19
+ when :tcp, :udp
20
20
  transport_reachable?
21
21
  end
22
22
  end
@@ -39,7 +39,7 @@ module Infrataster
39
39
  bpf = Capture.bpf(bpf_options)
40
40
  capture = Capture.new(@dest_node, bpf)
41
41
  capture.open do
42
- nc_option = @protocol == :UDP ? '-u' : '-t'
42
+ nc_option = @protocol == :udp ? '-u' : '-t'
43
43
  nc_option += @source_port ? " -p #{@source_port}" : ''
44
44
  @src_node.server
45
45
  .ssh_exec("echo test|nc #{dest_addr} #{@dest_port} #{nc_option}")
data/lib/infrataster/plugin/firewall/version.rb CHANGED
@@ -2,7 +2,7 @@ module Infrataster
2
2
  module Plugin
3
3
  # Infrataster plugin for firewall
4
4
  module Firewall
5
- VERSION = '0.1.0'
5
+ VERSION = '0.1.1'
6
6
  end
7
7
  end
8
8
  end
data/spec/integration/firewall_spec.rb CHANGED
@@ -6,6 +6,8 @@ describe server(:src) do
6
6
  it { is_expected.to be_reachable.dest_port(80) }
7
7
  it { is_expected.to be_reachable.tcp.dest_port(80) }
8
8
  it { is_expected.to be_reachable.udp.dest_port(53) }
9
+ it { is_expected.to be_reachable.dest_port('80/tcp') }
10
+ it { is_expected.to be_reachable.dest_port('53/udp') }
9
11
  it { is_expected.to be_reachable.tcp.dest_port(80).source_port(30123) }
10
12
  end
11
13
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: infrataster-plugin-firewall
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Hiroshi Ota
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-04-15 00:00:00.000000000 Z
11
+ date: 2015-04-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: infrataster
@@ -121,6 +121,7 @@ files:
121
121
  - Gemfile
122
122
  - LICENSE.txt
123
123
  - README.md
124
+ - RELEASE_NOTES.md
124
125
  - Rakefile
125
126
  - infrataster-plugin-firewall.gemspec
126
127
  - lib/infrataster-plugin-firewall.rb