ipaccess 0.0.4 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- checksums.yaml.gz.sig +1 -0
- data.tar.gz.sig +0 -0
- data/.gemtest +0 -0
- data/.rspec +1 -0
- data/.yardopts +12 -0
- data/ChangeLog +1495 -0
- data/{docs/LGPL-LICENSE → LGPL-LICENSE} +0 -0
- data/Manifest.txt +76 -0
- data/README.md +96 -0
- data/Rakefile +65 -42
- data/docs/COPYING +41 -45
- data/docs/FAQ +12 -0
- data/docs/HISTORY +17 -0
- data/docs/LEGAL +1 -1
- data/docs/LGPL +166 -0
- data/docs/TODO +150 -7
- data/docs/images/ipaccess.png +0 -0
- data/docs/images/ipaccess_ac_for_args.png +0 -0
- data/docs/images/ipaccess_ac_for_socket.png +0 -0
- data/docs/images/ipaccess_logo.png +0 -0
- data/docs/images/ipaccess_relations.png +0 -0
- data/docs/images/ipaccess_setup_origin.png +0 -0
- data/docs/images/ipaccess_setup_origin_tab.png +0 -0
- data/docs/images/ipaccess_view.png +0 -0
- data/docs/rdoc.css +22 -0
- data/examples/ftp.rb +62 -0
- data/examples/http.rb +81 -0
- data/examples/imap.rb +37 -0
- data/examples/pop.rb +31 -0
- data/examples/smtp.rb +26 -0
- data/examples/tcp_server.rb +32 -0
- data/examples/tcp_socket.rb +7 -3
- data/examples/telnet.rb +32 -0
- data/examples/text_message.rb +45 -0
- data/lib/ipaccess.rb +557 -7
- data/lib/ipaccess/arm_sockets.rb +7 -4
- data/lib/ipaccess/ghost_doc/ghost_doc.rb +23 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_acl.rb +54 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_ftp.rb +213 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_http.rb +272 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_smtp.rb +186 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_telnet.rb +227 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_blacklist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_blacklist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unblacklist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unblacklist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unwhitelist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unwhitelist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_whitelist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_whitelist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_patched_usage.rb +64 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_sockets.rb +571 -0
- data/lib/ipaccess/ip_access_check.rb +508 -0
- data/lib/ipaccess/ip_access_errors.rb +186 -40
- data/lib/ipaccess/ip_access_list.rb +955 -1122
- data/lib/ipaccess/ip_access_set.rb +212 -0
- data/lib/ipaccess/net/ftp.rb +39 -0
- data/lib/ipaccess/net/http.rb +39 -0
- data/lib/ipaccess/net/https.rb +30 -0
- data/lib/ipaccess/net/imap.rb +39 -0
- data/lib/ipaccess/net/pop.rb +46 -0
- data/lib/ipaccess/net/smtp.rb +39 -0
- data/lib/ipaccess/net/telnet.rb +38 -0
- data/lib/ipaccess/patches/generic.rb +807 -0
- data/lib/ipaccess/patches/net_ftp.rb +165 -0
- data/lib/ipaccess/patches/net_http.rb +175 -0
- data/lib/ipaccess/patches/net_https.rb +29 -0
- data/lib/ipaccess/patches/net_imap.rb +117 -0
- data/lib/ipaccess/patches/net_pop.rb +171 -0
- data/lib/ipaccess/patches/net_smtp.rb +130 -0
- data/lib/ipaccess/patches/net_telnet.rb +103 -0
- data/lib/ipaccess/{netaddr_patch.rb → patches/netaddr.rb} +20 -11
- data/lib/ipaccess/patches/sockets.rb +586 -0
- data/lib/ipaccess/socket.rb +52 -1
- data/lib/ipaccess/sockets.rb +4 -30
- data/spec/ip_access_list_spec.rb +33 -21
- data/spec/spec.opts +2 -2
- metadata +289 -63
- metadata.gz.sig +0 -0
- data/docs/DOWNLOAD +0 -17
- data/docs/README +0 -95
- data/docs/WELCOME +0 -8
- data/lib/ipaccess/ghost_doc.rb +0 -206
- data/lib/ipaccess/ghost_doc_acl.rb +0 -31
- data/lib/ipaccess/ip_access.rb +0 -456
- data/lib/ipaccess/ip_access_patches.rb +0 -431
- data/spec/core_spec.rb +0 -5
data/docs/LGPL
ADDED
@@ -0,0 +1,166 @@
|
|
1
|
+
|
2
|
+
= GNU LESSER GENERAL PUBLIC LICENSE
|
3
|
+
Version 3, 29 June 2007
|
4
|
+
|
5
|
+
Copyright (C) 2007 Free Software Foundation, Inc. < http://fsf.org/ >
|
6
|
+
Everyone is permitted to copy and distribute verbatim copies
|
7
|
+
of this license document, but changing it is not allowed.
|
8
|
+
|
9
|
+
This version of the GNU Lesser General Public License incorporates
|
10
|
+
the terms and conditions of version 3 of the GNU General Public
|
11
|
+
License, supplemented by the additional permissions listed below.
|
12
|
+
|
13
|
+
=== 0. Additional Definitions.
|
14
|
+
|
15
|
+
As used herein, "this License" refers to version 3 of the GNU Lesser
|
16
|
+
General Public License, and the "GNU GPL" refers to version 3 of the GNU
|
17
|
+
General Public License.
|
18
|
+
|
19
|
+
The Library" refers to a covered work governed by this License,
|
20
|
+
other than an Application or a Combined Work as defined below.
|
21
|
+
|
22
|
+
An "Application" is any work that makes use of an interface provided
|
23
|
+
by the Library, but which is not otherwise based on the Library.
|
24
|
+
Defining a subclass of a class defined by the Library is deemed a mode
|
25
|
+
of using an interface provided by the Library.
|
26
|
+
|
27
|
+
A "Combined Work" is a work produced by combining or linking an
|
28
|
+
Application with the Library. The particular version of the Library
|
29
|
+
with which the Combined Work was made is also called the "Linked
|
30
|
+
Version".
|
31
|
+
|
32
|
+
The "Minimal Corresponding Source" for a Combined Work means the
|
33
|
+
Corresponding Source for the Combined Work, excluding any source code
|
34
|
+
for portions of the Combined Work that, considered in isolation, are
|
35
|
+
based on the Application, and not on the Linked Version.
|
36
|
+
|
37
|
+
The "Corresponding Application Code" for a Combined Work means the
|
38
|
+
object code and/or source code for the Application, including any data
|
39
|
+
and utility programs needed for reproducing the Combined Work from the
|
40
|
+
Application, but excluding the System Libraries of the Combined Work.
|
41
|
+
|
42
|
+
=== 1. Exception to Section 3 of the GNU GPL.
|
43
|
+
|
44
|
+
You may convey a covered work under sections 3 and 4 of this License
|
45
|
+
without being bound by section 3 of the GNU GPL.
|
46
|
+
|
47
|
+
=== 2. Conveying Modified Versions.
|
48
|
+
|
49
|
+
If you modify a copy of the Library, and, in your modifications, a
|
50
|
+
facility refers to a function or data to be supplied by an Application
|
51
|
+
that uses the facility (other than as an argument passed when the
|
52
|
+
facility is invoked), then you may convey a copy of the modified
|
53
|
+
version:
|
54
|
+
|
55
|
+
a) under this License, provided that you make a good faith effort to
|
56
|
+
ensure that, in the event an Application does not supply the
|
57
|
+
function or data, the facility still operates, and performs
|
58
|
+
whatever part of its purpose remains meaningful, or
|
59
|
+
|
60
|
+
b) under the GNU GPL, with none of the additional permissions of
|
61
|
+
this License applicable to that copy.
|
62
|
+
|
63
|
+
=== 3. Object Code Incorporating Material from Library Header Files.
|
64
|
+
|
65
|
+
The object code form of an Application may incorporate material from
|
66
|
+
a header file that is part of the Library. You may convey such object
|
67
|
+
code under terms of your choice, provided that, if the incorporated
|
68
|
+
material is not limited to numerical parameters, data structure
|
69
|
+
layouts and accessors, or small macros, inline functions and templates
|
70
|
+
(ten or fewer lines in length), you do both of the following:
|
71
|
+
|
72
|
+
a) Give prominent notice with each copy of the object code that the
|
73
|
+
Library is used in it and that the Library and its use are
|
74
|
+
covered by this License.
|
75
|
+
|
76
|
+
b) Accompany the object code with a copy of the GNU GPL and this license
|
77
|
+
document.
|
78
|
+
|
79
|
+
=== 4. Combined Works.
|
80
|
+
|
81
|
+
You may convey a Combined Work under terms of your choice that,
|
82
|
+
taken together, effectively do not restrict modification of the
|
83
|
+
portions of the Library contained in the Combined Work and reverse
|
84
|
+
engineering for debugging such modifications, if you also do each of
|
85
|
+
the following:
|
86
|
+
|
87
|
+
a) Give prominent notice with each copy of the Combined Work that
|
88
|
+
the Library is used in it and that the Library and its use are
|
89
|
+
covered by this License.
|
90
|
+
|
91
|
+
b) Accompany the Combined Work with a copy of the GNU GPL and this license
|
92
|
+
document.
|
93
|
+
|
94
|
+
c) For a Combined Work that displays copyright notices during
|
95
|
+
execution, include the copyright notice for the Library among
|
96
|
+
these notices, as well as a reference directing the user to the
|
97
|
+
copies of the GNU GPL and this license document.
|
98
|
+
|
99
|
+
d) Do one of the following:
|
100
|
+
|
101
|
+
0) Convey the Minimal Corresponding Source under the terms of this
|
102
|
+
License, and the Corresponding Application Code in a form
|
103
|
+
suitable for, and under terms that permit, the user to
|
104
|
+
recombine or relink the Application with a modified version of
|
105
|
+
the Linked Version to produce a modified Combined Work, in the
|
106
|
+
manner specified by section 6 of the GNU GPL for conveying
|
107
|
+
Corresponding Source.
|
108
|
+
|
109
|
+
1) Use a suitable shared library mechanism for linking with the
|
110
|
+
Library. A suitable mechanism is one that (a) uses at run time
|
111
|
+
a copy of the Library already present on the user's computer
|
112
|
+
system, and (b) will operate properly with a modified version
|
113
|
+
of the Library that is interface-compatible with the Linked
|
114
|
+
Version.
|
115
|
+
|
116
|
+
e) Provide Installation Information, but only if you would otherwise
|
117
|
+
be required to provide such information under section 6 of the
|
118
|
+
GNU GPL, and only to the extent that such information is
|
119
|
+
necessary to install and execute a modified version of the
|
120
|
+
Combined Work produced by recombining or relinking the
|
121
|
+
Application with a modified version of the Linked Version. (If
|
122
|
+
you use option 4d0, the Installation Information must accompany
|
123
|
+
the Minimal Corresponding Source and Corresponding Application
|
124
|
+
Code. If you use option 4d1, you must provide the Installation
|
125
|
+
Information in the manner specified by section 6 of the GNU GPL
|
126
|
+
for conveying Corresponding Source.)
|
127
|
+
|
128
|
+
=== 5. Combined Libraries.
|
129
|
+
|
130
|
+
You may place library facilities that are a work based on the
|
131
|
+
Library side by side in a single library together with other library
|
132
|
+
facilities that are not Applications and are not covered by this
|
133
|
+
License, and convey such a combined library under terms of your
|
134
|
+
choice, if you do both of the following:
|
135
|
+
|
136
|
+
a) Accompany the combined library with a copy of the same work based
|
137
|
+
on the Library, uncombined with any other library facilities,
|
138
|
+
conveyed under the terms of this License.
|
139
|
+
|
140
|
+
b) Give prominent notice with the combined library that part of it
|
141
|
+
is a work based on the Library, and explaining where to find the
|
142
|
+
accompanying uncombined form of the same work.
|
143
|
+
|
144
|
+
=== 6. Revised Versions of the GNU Lesser General Public License.
|
145
|
+
|
146
|
+
The Free Software Foundation may publish revised and/or new versions
|
147
|
+
of the GNU Lesser General Public License from time to time. Such new
|
148
|
+
versions will be similar in spirit to the present version, but may
|
149
|
+
differ in detail to address new problems or concerns.
|
150
|
+
|
151
|
+
Each version is given a distinguishing version number. If the
|
152
|
+
Library as you received it specifies that a certain numbered version
|
153
|
+
of the GNU Lesser General Public License "or any later version"
|
154
|
+
applies to it, you have the option of following the terms and
|
155
|
+
conditions either of that published version or of any later version
|
156
|
+
published by the Free Software Foundation. If the Library as you
|
157
|
+
received it does not specify a version number of the GNU Lesser
|
158
|
+
General Public License, you may choose any version of the GNU Lesser
|
159
|
+
General Public License ever published by the Free Software Foundation.
|
160
|
+
|
161
|
+
If the Library as you received it specifies that a proxy can decide
|
162
|
+
whether future versions of the GNU Lesser General Public License shall
|
163
|
+
apply, that proxy's public statement of acceptance of any version is
|
164
|
+
permanent authorization for you to choose that version for the
|
165
|
+
Library.
|
166
|
+
|
data/docs/TODO
CHANGED
@@ -1,18 +1,161 @@
|
|
1
|
+
== IPAccess
|
1
2
|
|
2
|
-
|
3
|
+
|
4
|
+
|
5
|
+
- neet to be callable like x[:input] or x[:output] which allows more generic access to lists
|
6
|
+
- make it an array-like!
|
7
|
+
|
8
|
+
== new logic
|
9
|
+
|
10
|
+
- universal bus for storing objects
|
11
|
+
|
12
|
+
0. bus belongs to a list
|
13
|
+
1. bus contains object id-s of sockets
|
14
|
+
2. each socket object contains a list of useables inside
|
15
|
+
3. useables is a collection of references to objects that are using sockets
|
16
|
+
4. useables are added just after socket has been created
|
17
|
+
5. useables are present only when some socket caused the exception (otherwise we whould count on an originator)
|
18
|
+
|
19
|
+
adding useables:
|
20
|
+
|
21
|
+
when arming, add a useable if object is a socket
|
22
|
+
|
23
|
+
|
24
|
+
adding to bus:
|
25
|
+
|
26
|
+
socket is added to bus when armed (be aware of inpu/output lists!)
|
27
|
+
|
28
|
+
removing from bus:
|
29
|
+
|
30
|
+
finalizer
|
31
|
+
|
32
|
+
|
33
|
+
changing the acl of high-level object:
|
34
|
+
|
35
|
+
if the acl is really changed:
|
36
|
+
|
37
|
+
if the list is really changed:
|
38
|
+
|
39
|
+
- for all previous lists (input and output) do:
|
40
|
+
- take a bus and for each socket
|
41
|
+
- remove useable (self) from socket
|
42
|
+
- remove socket from thet bus if there are no useables in a socket
|
43
|
+
|
44
|
+
- for all new lists (input and output) do:
|
45
|
+
- take a bus
|
46
|
+
- add useable to a socket's useables
|
47
|
+
- add socket to a bus
|
48
|
+
|
49
|
+
rechecking all during access list manipulation
|
50
|
+
|
51
|
+
in context: list
|
52
|
+
for each socket on a bus
|
53
|
+
call access checking method ipcheck_socket passing a list and an exception (input or output)
|
54
|
+
|
55
|
+
|
56
|
+
|
57
|
+
|
58
|
+
|
59
|
+
|
60
|
+
exception:
|
61
|
+
|
62
|
+
useables - all object's id-s that are using it
|
63
|
+
originator - an object that had been using it when exception happened (by re-raising an exception)
|
64
|
+
socket - socket object that caused the exception to happened (may be nil)
|
65
|
+
|
66
|
+
|
67
|
+
|
68
|
+
|
69
|
+
|
70
|
+
- sprawdzic ile razy sie wola przeszukiwanie przy nowym obiekcie, czy nie za wiele razy
|
71
|
+
|
72
|
+
|
73
|
+
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
|
81
|
+
|
82
|
+
|
83
|
+
|
84
|
+
|
85
|
+
|
86
|
+
|
87
|
+
|
88
|
+
|
89
|
+
|
90
|
+
- Where to register in a bus? In initializer or during patching (ipa_singleton_hook) and acl changing method
|
91
|
+
- what about duplicates in case of auto-armed sockets in higher-level objects? some option that prevents it
|
92
|
+
- when adding to a bus store originator!!!!!!!!! (requires acl= overload and supercall since different sockets are in network classes)
|
93
|
+
|
94
|
+
|
95
|
+
- gdy wyjatek rzuci socket podczas uzytkowania obiektu wysokiej klasy to co zamknie obiekt wysokiej klasy?
|
96
|
+
- try_terminate zlapane gdzies tam w opakowaniu albo rezygnujemy z automagicznego zamykania
|
97
|
+
|
98
|
+
jak gniazdo sie zarejestruje na szynie z parentem?
|
99
|
+
- przy try_arm_and_check_socket w self.acl=
|
100
|
+
|
101
|
+
a jak zmieni sie przyporzadkowanie, gdy ktos da: ftp.acl = inny
|
102
|
+
- to musimy przepisac duzo bo acl to jakies listy!!!! te listy zmienia sie w stosunku do obiektu i do jego obiektow gniazd
|
103
|
+
najpierw dodac do nowych
|
104
|
+
- co dodac?
|
105
|
+
- zarejestrowac obiekt macierzysty i jego gniazda
|
106
|
+
- gdzie? w busach nowego acl
|
107
|
+
- a jesli juz tam cos jest? czy sie nie skasuje? nie powinno. idy sa unikatowe.
|
108
|
+
|
109
|
+
poetm wyrypac ze starych
|
110
|
+
- a jak acl jest shared i jeszcze w nim siedzi obiekt inny ktorego gniazdo jest wspolne?
|
111
|
+
- zbadac to potem
|
112
|
+
- potem sprawdzamy wszystkie sockety ZWIAZANE Z OBIEKTEM na ktorym ACL sie zmienia i ew. cal
|
113
|
+
|
114
|
+
|
115
|
+
a jak zmieni sie cos w external acl-u?
|
116
|
+
- to sprawdzamy wszystkie sockety W OGOLE i ew. call
|
117
|
+
|
118
|
+
|
119
|
+
|
120
|
+
|
121
|
+
- JUST-SOCKETS approach??? YES
|
122
|
+
|
123
|
+
- add examples with blocks
|
124
|
+
- check all overloaded class methods that take blocks for bugs
|
125
|
+
|
126
|
+
=== Specification
|
3
127
|
|
4
128
|
- add missing rspec examples
|
5
129
|
|
6
|
-
|
130
|
+
== Documentation
|
131
|
+
|
132
|
+
- rewrite docs and examples for patches to use proxy methods like .blacklist !!!
|
133
|
+
- write a manual how to arm you own objects in an easy way (like include IPAccess::Patches::ACL)
|
134
|
+
- add a doco with an example of a block that disables throwing an exception but closes connection and does stuff
|
135
|
+
- insert hints in documentation: acl.output.blacklist before object is created and obj.blacklist when it exists as a good example!
|
136
|
+
- add IPAccess::Net ghost-doc
|
137
|
+
- sockets: document initializers and other stuff that takes :opened_on_deny
|
138
|
+
|
139
|
+
== Other
|
7
140
|
|
8
|
-
-
|
141
|
+
- inspect methods?
|
9
142
|
|
10
|
-
|
143
|
+
== Ruby 1.8
|
11
144
|
|
12
|
-
-
|
145
|
+
- ok
|
13
146
|
|
14
|
-
|
147
|
+
== Future
|
15
148
|
|
149
|
+
- ability to react on greylisted entries? :)
|
150
|
+
- some Ruby 1.9-specific socket methods
|
151
|
+
- utilize @debug_mode in certain network objects to pring access denied message
|
16
152
|
- maybe some day: test input lists even if socket is a client socket - local socket address permit/deny
|
17
|
-
-
|
153
|
+
- to speed up ACL seeks maybe a small, fast buffer for up to 128 IP matches cleaned when something will change?
|
154
|
+
|
155
|
+
|
18
156
|
|
157
|
+
begin
|
158
|
+
a.blacklist '127.0.0.1'
|
159
|
+
rescue
|
160
|
+
|
161
|
+
end
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data/docs/rdoc.css
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
@import "rdoc_base.css";
|
2
|
+
|
3
|
+
#documentation > ul:first-of-type {
|
4
|
+
padding-bottom: 2em;
|
5
|
+
padding-top: 1.5em;
|
6
|
+
background-image: url(images/ipaccess_logo.png);
|
7
|
+
background-position: 20em 0%;
|
8
|
+
background-repeat: no-repeat;
|
9
|
+
}
|
10
|
+
|
11
|
+
#documentation .method-description > p:first-of-type + p {
|
12
|
+
margin-top: 0.5em;
|
13
|
+
}
|
14
|
+
|
15
|
+
#documentation .method-description > ul {
|
16
|
+
margin-left: 1.2em;
|
17
|
+
}
|
18
|
+
|
19
|
+
#documentation .method-description > p + ul {
|
20
|
+
margin-left: 1.8em;
|
21
|
+
}
|
22
|
+
|
data/examples/ftp.rb
ADDED
@@ -0,0 +1,62 @@
|
|
1
|
+
$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
|
2
|
+
|
3
|
+
require 'ipaccess/net/ftp'
|
4
|
+
|
5
|
+
# Add host's IP by to black list of global output access set
|
6
|
+
IPAccess::Set::Global.output.blacklist 'randomseed.pl'
|
7
|
+
|
8
|
+
# Create custom access set with one blacklisted IP
|
9
|
+
acl = IPAccess::Set.new
|
10
|
+
acl.output.blacklist 'randomseed.pl'
|
11
|
+
|
12
|
+
#===== Example cases
|
13
|
+
|
14
|
+
begin
|
15
|
+
IPAccess::Net::FTP.open('ftp.icm.edu.pl', acl) { |ftp|
|
16
|
+
ftp.passive = true
|
17
|
+
ftp.blacklist! 'ftp.icm.edu.pl'
|
18
|
+
files = ftp.list('li*')
|
19
|
+
puts files
|
20
|
+
}
|
21
|
+
|
22
|
+
rescue IPAccessDenied => e
|
23
|
+
|
24
|
+
puts e.show
|
25
|
+
puts "Connection is " + (e.originator.closed? ? "closed" : "opened")
|
26
|
+
|
27
|
+
end
|
28
|
+
|
29
|
+
# Using IPAccess::Net::FTP variant instead of Net::FTP
|
30
|
+
|
31
|
+
ftp = IPAccess::Net::FTP.new('ftp.pld-linux.org', :private) # private access set
|
32
|
+
ftp.passive = true
|
33
|
+
ftp.login
|
34
|
+
files = ftp.chdir('/')
|
35
|
+
ftp.blacklist 'ftp.pld-linux.org' # blacklisting
|
36
|
+
files = ftp.list('n*') # this command opens socket so there is no need to call acl_recheck
|
37
|
+
ftp.close
|
38
|
+
|
39
|
+
# Using patched Net::FTP object
|
40
|
+
|
41
|
+
acl = IPAccess::Set.new
|
42
|
+
acl.output.blacklist 'ftp.pld-linux.org'
|
43
|
+
ftp = Net::FTP.new('ftp.pld-linux.org')
|
44
|
+
ftp.passive = true
|
45
|
+
ftp.login
|
46
|
+
IPAccess.arm ftp, acl
|
47
|
+
files = ftp.chdir('/')
|
48
|
+
files = ftp.list('n*')
|
49
|
+
ftp.close
|
50
|
+
|
51
|
+
# Using patched Net::FTP class
|
52
|
+
|
53
|
+
acl = IPAccess::Set.new
|
54
|
+
IPAccess.arm Net::FTP
|
55
|
+
ftp = Net::FTP.new('ftp.pld-linux.org')
|
56
|
+
ftp.acl = acl
|
57
|
+
ftp.passive = true
|
58
|
+
ftp.login
|
59
|
+
files = ftp.chdir('/')
|
60
|
+
acl.output.blacklist 'ftp.pld-linux.org'
|
61
|
+
files = ftp.list('n*')
|
62
|
+
ftp.close
|
data/examples/http.rb
ADDED
@@ -0,0 +1,81 @@
|
|
1
|
+
$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
|
2
|
+
|
3
|
+
require 'ipaccess/net/http'
|
4
|
+
require 'uri'
|
5
|
+
|
6
|
+
url = URI.parse('http://randomseed.pl/index.html')
|
7
|
+
|
8
|
+
# Add host's IP by to black list of global output access set
|
9
|
+
IPAccess::Set::Global.output.blacklist 'randomseed.pl'
|
10
|
+
|
11
|
+
# Create custom access set with one blacklisted IP
|
12
|
+
acl = IPAccess::Set.new
|
13
|
+
acl.output.blacklist 'randomseed.pl'
|
14
|
+
|
15
|
+
#===== Example cases
|
16
|
+
|
17
|
+
# Case 0: custom access set and patched single instance
|
18
|
+
|
19
|
+
req = Net::HTTP::Get.new("/")
|
20
|
+
|
21
|
+
begin
|
22
|
+
|
23
|
+
htt = Net::HTTP.new(url.host, url.port)
|
24
|
+
IPAccess.arm htt
|
25
|
+
|
26
|
+
res = htt.start { |http|
|
27
|
+
http.request(req)
|
28
|
+
}
|
29
|
+
|
30
|
+
rescue IPAccessDenied => e
|
31
|
+
|
32
|
+
puts "Message:\t#{e.message}"
|
33
|
+
puts
|
34
|
+
puts "ACL:\t\t#{e.acl}"
|
35
|
+
puts "Exception:\t#{e.inspect}"
|
36
|
+
puts "Remote IP:\t#{e.peer_ip}"
|
37
|
+
puts "Rule:\t\t#{e.rule}"
|
38
|
+
puts "Originator:\t#{e.originator}"
|
39
|
+
puts "CIDR's Origin:\t#{e.peer_ip.tag[:Originator]}\n\n"
|
40
|
+
|
41
|
+
end
|
42
|
+
|
43
|
+
# Case 1: simple setup with custom ACL
|
44
|
+
res = IPAccess::Net::HTTP.start(url.host, url.port, acl) { |http|
|
45
|
+
http.get("/#{url.path}")
|
46
|
+
}
|
47
|
+
|
48
|
+
# Case 2: custom access set with Net::HTTP variant
|
49
|
+
|
50
|
+
req = Net::HTTP::Get.new(url.path)
|
51
|
+
htt = IPAccess::Net::HTTP.new(url.host, url.port, acl)
|
52
|
+
res = htt.start { |http|
|
53
|
+
http.request(req)
|
54
|
+
}
|
55
|
+
|
56
|
+
# Case 3: global access set with Net::HTTP variant
|
57
|
+
|
58
|
+
req = Net::HTTP::Get.new(url.path)
|
59
|
+
htt = IPAccess::Net::HTTP.new(url.host, url.port)
|
60
|
+
res = htt.start { |http|
|
61
|
+
http.request(req)
|
62
|
+
}
|
63
|
+
|
64
|
+
# Case 4: global access set with Net::HTTP variant
|
65
|
+
|
66
|
+
req = Net::HTTP::Get.new(url.path)
|
67
|
+
res = IPAccess::Net::HTTP.start(url.host, url.port) { |http|
|
68
|
+
http.request(req)
|
69
|
+
}
|
70
|
+
|
71
|
+
# Case 5: get_print with custom ACL
|
72
|
+
|
73
|
+
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html', acl
|
74
|
+
|
75
|
+
# Case 6: arming Net::HTTP class
|
76
|
+
|
77
|
+
# Arm Net::HTTP class of Ruby
|
78
|
+
IPAccess.arm Net::HTTP
|
79
|
+
# Call Net::HTTP.get_print
|
80
|
+
Net::HTTP.get_print 'randomseed.pl', '/index.html'
|
81
|
+
|