ipaccess 0.0.4 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- checksums.yaml.gz.sig +1 -0
- data.tar.gz.sig +0 -0
- data/.gemtest +0 -0
- data/.rspec +1 -0
- data/.yardopts +12 -0
- data/ChangeLog +1495 -0
- data/{docs/LGPL-LICENSE → LGPL-LICENSE} +0 -0
- data/Manifest.txt +76 -0
- data/README.md +96 -0
- data/Rakefile +65 -42
- data/docs/COPYING +41 -45
- data/docs/FAQ +12 -0
- data/docs/HISTORY +17 -0
- data/docs/LEGAL +1 -1
- data/docs/LGPL +166 -0
- data/docs/TODO +150 -7
- data/docs/images/ipaccess.png +0 -0
- data/docs/images/ipaccess_ac_for_args.png +0 -0
- data/docs/images/ipaccess_ac_for_socket.png +0 -0
- data/docs/images/ipaccess_logo.png +0 -0
- data/docs/images/ipaccess_relations.png +0 -0
- data/docs/images/ipaccess_setup_origin.png +0 -0
- data/docs/images/ipaccess_setup_origin_tab.png +0 -0
- data/docs/images/ipaccess_view.png +0 -0
- data/docs/rdoc.css +22 -0
- data/examples/ftp.rb +62 -0
- data/examples/http.rb +81 -0
- data/examples/imap.rb +37 -0
- data/examples/pop.rb +31 -0
- data/examples/smtp.rb +26 -0
- data/examples/tcp_server.rb +32 -0
- data/examples/tcp_socket.rb +7 -3
- data/examples/telnet.rb +32 -0
- data/examples/text_message.rb +45 -0
- data/lib/ipaccess.rb +557 -7
- data/lib/ipaccess/arm_sockets.rb +7 -4
- data/lib/ipaccess/ghost_doc/ghost_doc.rb +23 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_acl.rb +54 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_ftp.rb +213 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_http.rb +272 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_smtp.rb +186 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_net_telnet.rb +227 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_blacklist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_blacklist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unblacklist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unblacklist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unwhitelist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_unwhitelist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_whitelist.rb +36 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_p_whitelist_e.rb +7 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_patched_usage.rb +64 -0
- data/lib/ipaccess/ghost_doc/ghost_doc_sockets.rb +571 -0
- data/lib/ipaccess/ip_access_check.rb +508 -0
- data/lib/ipaccess/ip_access_errors.rb +186 -40
- data/lib/ipaccess/ip_access_list.rb +955 -1122
- data/lib/ipaccess/ip_access_set.rb +212 -0
- data/lib/ipaccess/net/ftp.rb +39 -0
- data/lib/ipaccess/net/http.rb +39 -0
- data/lib/ipaccess/net/https.rb +30 -0
- data/lib/ipaccess/net/imap.rb +39 -0
- data/lib/ipaccess/net/pop.rb +46 -0
- data/lib/ipaccess/net/smtp.rb +39 -0
- data/lib/ipaccess/net/telnet.rb +38 -0
- data/lib/ipaccess/patches/generic.rb +807 -0
- data/lib/ipaccess/patches/net_ftp.rb +165 -0
- data/lib/ipaccess/patches/net_http.rb +175 -0
- data/lib/ipaccess/patches/net_https.rb +29 -0
- data/lib/ipaccess/patches/net_imap.rb +117 -0
- data/lib/ipaccess/patches/net_pop.rb +171 -0
- data/lib/ipaccess/patches/net_smtp.rb +130 -0
- data/lib/ipaccess/patches/net_telnet.rb +103 -0
- data/lib/ipaccess/{netaddr_patch.rb → patches/netaddr.rb} +20 -11
- data/lib/ipaccess/patches/sockets.rb +586 -0
- data/lib/ipaccess/socket.rb +52 -1
- data/lib/ipaccess/sockets.rb +4 -30
- data/spec/ip_access_list_spec.rb +33 -21
- data/spec/spec.opts +2 -2
- metadata +289 -63
- metadata.gz.sig +0 -0
- data/docs/DOWNLOAD +0 -17
- data/docs/README +0 -95
- data/docs/WELCOME +0 -8
- data/lib/ipaccess/ghost_doc.rb +0 -206
- data/lib/ipaccess/ghost_doc_acl.rb +0 -31
- data/lib/ipaccess/ip_access.rb +0 -456
- data/lib/ipaccess/ip_access_patches.rb +0 -431
- data/spec/core_spec.rb +0 -5
@@ -0,0 +1,186 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
#
|
3
|
+
# Author:: Paweł Wilk (mailto:pw@gnu.org)
|
4
|
+
# Copyright:: Copyright (c) 2009-2014 by Paweł Wilk
|
5
|
+
# License:: This program is licensed under the terms of {GNU Lesser General Public License}[link:LGPL.html] or Ruby License.
|
6
|
+
#
|
7
|
+
# Classes contained are just for documentary purposes.
|
8
|
+
# It is a scaffold for keeping virtual methods that
|
9
|
+
# cannot be detected by RDoc.
|
10
|
+
#
|
11
|
+
#--
|
12
|
+
#
|
13
|
+
# Copyright (C) 2009 by Paweł Wilk. All Rights Reserved.
|
14
|
+
#
|
15
|
+
# This program is free software; you can redistribute it and/or modify
|
16
|
+
# it under the terms of either: 1) the GNU Lesser General Public License
|
17
|
+
# as published by the Free Software Foundation; either version 3 of the
|
18
|
+
# License, or (at your option) any later version; or 2) Ruby's License.
|
19
|
+
#
|
20
|
+
# See the file COPYING for complete licensing information.
|
21
|
+
#
|
22
|
+
#++
|
23
|
+
|
24
|
+
######################################################
|
25
|
+
# Net::SMTP[http://www.ruby-doc.org/stdlib/libdoc/net/smtp/rdoc/classes/Net/SMTP.html]
|
26
|
+
# class with IP access control. It uses +output+
|
27
|
+
# access lists. It and acts the same way as Net::SMTP[http://www.ruby-doc.org/stdlib/libdoc/net/smtp/rdoc/classes/Net/SMTP.html]
|
28
|
+
# class but provides special member called +acl+ and a few new
|
29
|
+
# instance methods for controlling IP access.
|
30
|
+
#
|
31
|
+
#:include:ghost_doc_patched_usage.rb
|
32
|
+
#
|
33
|
+
# This documentation doesn't cover description of all
|
34
|
+
# class and instance methods of the original
|
35
|
+
# Net::SMTP[http://www.ruby-doc.org/stdlib/libdoc/net/smtp/rdoc/classes/Net/SMTP.html]
|
36
|
+
# class, just the patched variants that make use of IP access control.
|
37
|
+
#
|
38
|
+
# === Examples
|
39
|
+
#
|
40
|
+
# ==== Using IPAccess::Net::SMTP variant instead of Net::SMTP[http://www.ruby-doc.org/stdlib/libdoc/net/smtp/rdoc/classes/Net/SMTP.html], global access set
|
41
|
+
#
|
42
|
+
# require 'ipaccess/net/smtp'
|
43
|
+
#
|
44
|
+
# IPAccess::Set::Global.output.blacklist 'randomseed.pl'
|
45
|
+
#
|
46
|
+
# IPAccess::Net::SMTP.start('randomseed.pl', 25) do |smtp|
|
47
|
+
# ;
|
48
|
+
# end
|
49
|
+
#
|
50
|
+
# ==== Patching single object, global access set, direct blacklisting
|
51
|
+
#
|
52
|
+
# require 'ipaccess/net/smtp'
|
53
|
+
#
|
54
|
+
# p = Net::SMTP.new 'randomseed.pl'
|
55
|
+
# IPAccess.arm p
|
56
|
+
# p.blacklist! 'randomseed.pl'
|
57
|
+
# p.start
|
58
|
+
|
59
|
+
class IPAccess::Net::SMTP
|
60
|
+
|
61
|
+
#:include:ghost_doc_p_whitelist_e.rb
|
62
|
+
def whitelist!; end
|
63
|
+
|
64
|
+
#:include:ghost_doc_p_whitelist.rb
|
65
|
+
def whitelist; end
|
66
|
+
|
67
|
+
#:include:ghost_doc_p_blacklist_e.rb
|
68
|
+
def blacklist!; end
|
69
|
+
|
70
|
+
#:include:ghost_doc_p_blacklist.rb
|
71
|
+
def blacklist; end
|
72
|
+
|
73
|
+
#:include:ghost_doc_p_unwhitelist.rb
|
74
|
+
def unwhitelist; end
|
75
|
+
|
76
|
+
#:include:ghost_doc_p_unwhitelist_e.rb
|
77
|
+
def unwhitelist!; end
|
78
|
+
|
79
|
+
#:include:ghost_doc_p_unblacklist_e.rb
|
80
|
+
def unblacklist!; end
|
81
|
+
|
82
|
+
#:include:ghost_doc_p_unblacklist.rb
|
83
|
+
def unblacklist; end
|
84
|
+
|
85
|
+
alias_method :unblock!, :unblacklist!
|
86
|
+
alias_method :del_black!, :unblacklist!
|
87
|
+
alias_method :unblock, :unblacklist
|
88
|
+
alias_method :del_black, :unblacklist
|
89
|
+
alias_method :add_black!, :blacklist!
|
90
|
+
alias_method :deny!, :blacklist!
|
91
|
+
alias_method :block!, :blacklist!
|
92
|
+
alias_method :add_black, :blacklist
|
93
|
+
alias_method :deny, :blacklist
|
94
|
+
alias_method :block, :blacklist
|
95
|
+
alias_method :del_white!, :unwhitelist!
|
96
|
+
alias_method :del_white, :unwhitelist
|
97
|
+
|
98
|
+
# This method works like whitelist! but
|
99
|
+
# allows to set reason.
|
100
|
+
def whitelist_reasonable!(reason, *addresses); end
|
101
|
+
|
102
|
+
# This method works like whitelist but
|
103
|
+
# allows to set reason.
|
104
|
+
def whitelist_reasonable(reason, *addresses); end
|
105
|
+
|
106
|
+
# This method works like blacklist! but
|
107
|
+
# allows to set reason.
|
108
|
+
def blacklist_reasonable!(reason, *addresses); end
|
109
|
+
|
110
|
+
# This method works like blacklist but
|
111
|
+
# allows to set reason.
|
112
|
+
def blacklist_reasonable(reason, *addresses); end
|
113
|
+
|
114
|
+
#:include:ghost_doc_acl.rb
|
115
|
+
#
|
116
|
+
# === Example
|
117
|
+
#
|
118
|
+
# require 'ipaccess/net/smtp' # load Net::SMTP variant
|
119
|
+
#
|
120
|
+
# smtp = IPAccess::Net::SMTP.new('host') # create SMTP object
|
121
|
+
#
|
122
|
+
# smtp.acl = :global # use global access set
|
123
|
+
# smtp.acl = :private # create and use individual access set
|
124
|
+
# smtp.acl = IPAccess::Set.new # use external (shared) access set
|
125
|
+
|
126
|
+
attr_accessor :acl
|
127
|
+
|
128
|
+
# :call-seq:
|
129
|
+
# new(address)<br />
|
130
|
+
# new(address, acl)<br />
|
131
|
+
# new(address, port, acl)
|
132
|
+
#
|
133
|
+
# Creates a new object. Argument +address+ is the hostname
|
134
|
+
# or IP address of your SMTP server. Argument +port+ is
|
135
|
+
# the port to connect to; it defaults to port 25.
|
136
|
+
#
|
137
|
+
# This method does not open the TCP connection.
|
138
|
+
# You can use SMTP.start instead of SMTP.new
|
139
|
+
# if you want to do everything at once.
|
140
|
+
# Otherwise, follow SMTP.new with SMTP#start.
|
141
|
+
#
|
142
|
+
# This method optionally sets an access set given as the
|
143
|
+
# last parameter. If +acl+ parameter
|
144
|
+
# is not given it defaults to <tt>IPAccess::Set.Global</tt>.
|
145
|
+
|
146
|
+
def initialize
|
147
|
+
# Real code hidden.
|
148
|
+
end
|
149
|
+
|
150
|
+
# :call-seq:
|
151
|
+
# start(address) <tt>{|smtp| …}</tt><br />
|
152
|
+
# start(address, acl) <tt>{|smtp| …}</tt><br />
|
153
|
+
# start(address, port, acl) <tt>{|smtp| …}</tt><br />
|
154
|
+
# start(address, port, helo, acl) <tt>{|smtp| …}</tt><br />
|
155
|
+
# start(address, port, helo, user, secret, acl) <tt>{|smtp| …}</tt><br />
|
156
|
+
# start(address, port, helo, user, secret, authtype, acl) <tt>{|smtp| …}</tt>
|
157
|
+
#
|
158
|
+
# Creates a new object and connects to the server. If +helo+
|
159
|
+
# is missing or +nil+ the +localhost.localdomain+ string will
|
160
|
+
# be used. This method is equivalent to:
|
161
|
+
#
|
162
|
+
# smtp = IPAccess::Net::SMTP.new(address, port)
|
163
|
+
# smtp.start(helo_domain, account, password, authtype)
|
164
|
+
#
|
165
|
+
# This method optionally sets an access set given as the
|
166
|
+
# last parameter. If +acl+ parameter
|
167
|
+
# is not given it defaults to <tt>IPAccess::Set.Global</tt>.
|
168
|
+
|
169
|
+
def self.start
|
170
|
+
# Real code hidden.
|
171
|
+
end
|
172
|
+
|
173
|
+
# This method allows you to re-check access on demad.
|
174
|
+
# It uses internal socket's address and access set assigned
|
175
|
+
# to an object. It will close your communication session
|
176
|
+
# before throwing an exception in case of denied access
|
177
|
+
# – you can prevent it by setting the flag +opened_on_deny+
|
178
|
+
# to +true+. The flag can be set while initializing object
|
179
|
+
# (through argument +:opened_on_deny+) or by setting the
|
180
|
+
# attribute.
|
181
|
+
|
182
|
+
def acl_recheck
|
183
|
+
# Real code hidden.
|
184
|
+
end
|
185
|
+
|
186
|
+
end
|
@@ -0,0 +1,227 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
#
|
3
|
+
# Author:: Paweł Wilk (mailto:pw@gnu.org)
|
4
|
+
# Copyright:: Copyright (c) 2009-2014 by Paweł Wilk
|
5
|
+
# License:: This program is licensed under the terms of {GNU Lesser General Public License}[link:LGPL.html] or Ruby License.
|
6
|
+
#
|
7
|
+
# Classes contained are just for documentary purposes.
|
8
|
+
# It is a scaffold for keeping virtual methods that
|
9
|
+
# cannot be detected by RDoc.
|
10
|
+
#
|
11
|
+
#--
|
12
|
+
#
|
13
|
+
# Copyright (C) 2009 by Paweł Wilk. All Rights Reserved.
|
14
|
+
#
|
15
|
+
# This program is free software; you can redistribute it and/or modify
|
16
|
+
# it under the terms of either: 1) the GNU Lesser General Public License
|
17
|
+
# as published by the Free Software Foundation; either version 3 of the
|
18
|
+
# License, or (at your option) any later version; or 2) Ruby's License.
|
19
|
+
#
|
20
|
+
# See the file COPYING for complete licensing information.
|
21
|
+
#
|
22
|
+
#++
|
23
|
+
|
24
|
+
######################################################
|
25
|
+
# Net::Telnet[http://www.ruby-doc.org/stdlib/libdoc/net/telnet/rdoc/classes/Net/Telnet.html]
|
26
|
+
# class with IP access control. It uses output access lists
|
27
|
+
# and acts the same way as Net::Telnet class but
|
28
|
+
# provides provides special member called +acl+ and a few new
|
29
|
+
# instance methods for controlling IP access.
|
30
|
+
#
|
31
|
+
#:include:ghost_doc_patched_usage.rb
|
32
|
+
#
|
33
|
+
# This documentation doesn't cover description of all
|
34
|
+
# class and instance methods of the original
|
35
|
+
# Net::Telnet[http://www.ruby-doc.org/stdlib/libdoc/net/telnet/rdoc/classes/Net/Telnet.html]
|
36
|
+
# class, just the patched variants that make use of IP access control.
|
37
|
+
#
|
38
|
+
# === Examples
|
39
|
+
#
|
40
|
+
# ==== Global access set, using IPAccess::Net::Telnet
|
41
|
+
#
|
42
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet version and IPAccess.arm method
|
43
|
+
#
|
44
|
+
# opts = {}
|
45
|
+
# opts["Host"] = 'randomseed.pl'
|
46
|
+
# opts["Port"] = '80'
|
47
|
+
#
|
48
|
+
# IPAccess::Set::Global.output.blacklist 'randomseed.pl' # blacklist host
|
49
|
+
# t = IPAccess::Net::Telnet.new(opts) # try to connect to remote host
|
50
|
+
#
|
51
|
+
# ==== Global access set, single object patched, direct blacklisting
|
52
|
+
#
|
53
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet version and IPAccess.arm method
|
54
|
+
#
|
55
|
+
# opts = {}
|
56
|
+
# opts["Host"] = 'randomseed.pl'
|
57
|
+
# opts["Port"] = '80'
|
58
|
+
#
|
59
|
+
# t = Net::Telnet.new(opts) # try to connect to remote host
|
60
|
+
# IPAccess.arm t # arm single Telnet object (will use global access set)
|
61
|
+
# t.blacklist! 'randomseed.pl' # blacklist host while being connected
|
62
|
+
#
|
63
|
+
# ==== Shared access set, single object patched
|
64
|
+
#
|
65
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet version and IPAccess.arm method
|
66
|
+
#
|
67
|
+
# opts = {}
|
68
|
+
# opts["Host"] = 'randomseed.pl'
|
69
|
+
# opts["Port"] = '80'
|
70
|
+
#
|
71
|
+
# t = Net::Telnet.new(opts) # try to connect to remote host
|
72
|
+
#
|
73
|
+
# acl = IPAccess::Set.new # create custom access set
|
74
|
+
# acl.output.blacklist 'randomseed.pl' # blacklist host in access set
|
75
|
+
# IPAccess.arm t, acl # arm single Telnet object with access set passed
|
76
|
+
#
|
77
|
+
# ==== Shared access set, single object patched, direct blacklisting
|
78
|
+
#
|
79
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet version and IPAccess.arm method
|
80
|
+
#
|
81
|
+
# opts = {}
|
82
|
+
# opts["Host"] = 'randomseed.pl'
|
83
|
+
# opts["Port"] = '80'
|
84
|
+
#
|
85
|
+
# t = Net::Telnet.new(opts) # try to connect to remote host
|
86
|
+
#
|
87
|
+
# acl = IPAccess::Set.new # create custom access set
|
88
|
+
# IPAccess.arm t, acl # arm single Telnet object with access set passed
|
89
|
+
# t.blacklist 'randomseed.pl' # blacklist host
|
90
|
+
#
|
91
|
+
# ==== Shared access set, class patched
|
92
|
+
#
|
93
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet version and IPAccess.arm method
|
94
|
+
#
|
95
|
+
# opts = {}
|
96
|
+
# opts["Host"] = 'randomseed.pl'
|
97
|
+
# opts["Port"] = '80'
|
98
|
+
#
|
99
|
+
# IPAccess.arm Net::Telnet # patch Net::Telnet class
|
100
|
+
# opts['ACL'] = IPAccess::Set.new # create custom access set and add it to options
|
101
|
+
# opts['ACL'].output.blacklist 'randomseed.pl' # blacklist host
|
102
|
+
#
|
103
|
+
# t = Net::Telnet.new(opts) # try to connect to remote host
|
104
|
+
#
|
105
|
+
# ==== Private access set, class patched, direct blacklisting
|
106
|
+
#
|
107
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet version and IPAccess.arm method
|
108
|
+
#
|
109
|
+
# opts = {}
|
110
|
+
# opts["Host"] = 'randomseed.pl'
|
111
|
+
# opts["Port"] = '80'
|
112
|
+
#
|
113
|
+
# IPAccess.arm Net::Telnet # patch Net::Telnet class
|
114
|
+
#
|
115
|
+
# t = Net::Telnet.new(opts, :private) # try to connect to remote host
|
116
|
+
# t.blacklist 'randomseed.pl' # blacklist host
|
117
|
+
|
118
|
+
class IPAccess::Net::Telnet
|
119
|
+
|
120
|
+
#:include:ghost_doc_p_whitelist_e.rb
|
121
|
+
def whitelist!; end
|
122
|
+
|
123
|
+
#:include:ghost_doc_p_whitelist.rb
|
124
|
+
def whitelist; end
|
125
|
+
|
126
|
+
#:include:ghost_doc_p_blacklist_e.rb
|
127
|
+
def blacklist!; end
|
128
|
+
|
129
|
+
#:include:ghost_doc_p_blacklist.rb
|
130
|
+
def blacklist; end
|
131
|
+
|
132
|
+
#:include:ghost_doc_p_unwhitelist.rb
|
133
|
+
def unwhitelist; end
|
134
|
+
|
135
|
+
#:include:ghost_doc_p_unwhitelist_e.rb
|
136
|
+
def unwhitelist!; end
|
137
|
+
|
138
|
+
#:include:ghost_doc_p_unblacklist_e.rb
|
139
|
+
def unblacklist!; end
|
140
|
+
|
141
|
+
#:include:ghost_doc_p_unblacklist.rb
|
142
|
+
def unblacklist; end
|
143
|
+
|
144
|
+
alias_method :unblock!, :unblacklist!
|
145
|
+
alias_method :del_black!, :unblacklist!
|
146
|
+
alias_method :unblock, :unblacklist
|
147
|
+
alias_method :del_black, :unblacklist
|
148
|
+
alias_method :add_black!, :blacklist!
|
149
|
+
alias_method :deny!, :blacklist!
|
150
|
+
alias_method :block!, :blacklist!
|
151
|
+
alias_method :add_black, :blacklist
|
152
|
+
alias_method :deny, :blacklist
|
153
|
+
alias_method :block, :blacklist
|
154
|
+
alias_method :del_white!, :unwhitelist!
|
155
|
+
alias_method :del_white, :unwhitelist
|
156
|
+
|
157
|
+
# This method works like whitelist! but
|
158
|
+
# allows to set reason.
|
159
|
+
def whitelist_reasonable!(reason, *addresses); end
|
160
|
+
|
161
|
+
# This method works like whitelist but
|
162
|
+
# allows to set reason.
|
163
|
+
def whitelist_reasonable(reason, *addresses); end
|
164
|
+
|
165
|
+
# This method works like blacklist! but
|
166
|
+
# allows to set reason.
|
167
|
+
def blacklist_reasonable!(reason, *addresses); end
|
168
|
+
|
169
|
+
# This method works like blacklist but
|
170
|
+
# allows to set reason.
|
171
|
+
def blacklist_reasonable(reason, *addresses); end
|
172
|
+
|
173
|
+
#:include:ghost_doc_acl.rb
|
174
|
+
#
|
175
|
+
# === Example
|
176
|
+
#
|
177
|
+
# require 'ipaccess/net/telnet' # load Net::Telnet variant
|
178
|
+
#
|
179
|
+
# opts = {}
|
180
|
+
# opts["Host"] = 'randomseed.pl'
|
181
|
+
# telnet = IPAccess::Net::Telnet.new(opts) # create connected Telnet object
|
182
|
+
#
|
183
|
+
# telnet.acl = :global # use global access set
|
184
|
+
# telnet.acl = :private # create and use individual access set
|
185
|
+
# telnet.acl = IPAccess::Set.new # use external (shared) access set
|
186
|
+
|
187
|
+
attr_accessor :acl
|
188
|
+
|
189
|
+
# The socket the Telnet object is using, which is kind of TCPSocket and
|
190
|
+
# responds to all methods of IPAccess::TCPSocket.
|
191
|
+
# Note that this object becomes a delegate of the Telnet object,
|
192
|
+
# so normally you invoke its methods directly on the Telnet object.
|
193
|
+
|
194
|
+
attr_reader :sock
|
195
|
+
|
196
|
+
# :call-seq:
|
197
|
+
# new(opts) <tt>{|mesg| …}</tt><br />
|
198
|
+
# new(opts, acl) <tt>{|mesg| …}</tt>
|
199
|
+
#
|
200
|
+
# Creates a new object and attempts to connect
|
201
|
+
# to the host (unless the Proxy option is provided).
|
202
|
+
# If a block is provided, it is yielded as status messages
|
203
|
+
# on the attempt to connect to the server.
|
204
|
+
# It optionally sets an access set given as the
|
205
|
+
# last parameter or as +ACL+ member of +opts+.
|
206
|
+
# The access set given as an argument has precedence
|
207
|
+
# over access set given in options. If ACL parameter
|
208
|
+
# is not given it defaults to ACL to <tt>IPAccess::Set.Global</tt>.
|
209
|
+
|
210
|
+
def initialize
|
211
|
+
# Real code hidden.
|
212
|
+
end
|
213
|
+
|
214
|
+
# This method allows you to re-check access on demad.
|
215
|
+
# It uses internal socket's address and access set assigned
|
216
|
+
# to an object. It will close your communication session
|
217
|
+
# before throwing an exception in case of denied access
|
218
|
+
# – you can prevent it by setting the flag +opened_on_deny+
|
219
|
+
# to +true+. The flag can be set while initializing object
|
220
|
+
# (through argument +:opened_on_deny+) or by setting the
|
221
|
+
# attribute.
|
222
|
+
|
223
|
+
def acl_recheck
|
224
|
+
# Real code hidden.
|
225
|
+
end
|
226
|
+
|
227
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# :call-seq:
|
2
|
+
# blacklist(*addresses)<br />
|
3
|
+
# blacklist(list, *addresses)
|
4
|
+
#
|
5
|
+
# This method blacklists IP address(-es) in
|
6
|
+
# the input or output access list selected
|
7
|
+
# by the *list* argument (+:input+ or +:output+).
|
8
|
+
# If the access list selector is omited it
|
9
|
+
# operates on the default access list that certain
|
10
|
+
# kind of network object uses. The allowed format of address
|
11
|
+
# is the same as for IPAccess.to_cidrs.
|
12
|
+
# This method will not add nor remove any
|
13
|
+
# whitelisted item.
|
14
|
+
#
|
15
|
+
# === Restrictions
|
16
|
+
#
|
17
|
+
# This method won't allow you to modify the list if
|
18
|
+
# the global access set is associated with an object.
|
19
|
+
# You may operate on IPAccess::Set.Global or use
|
20
|
+
# blacklist! instead.
|
21
|
+
#
|
22
|
+
# === Return value
|
23
|
+
#
|
24
|
+
# It will return the result of calling
|
25
|
+
# IPAccess::List#blacklist on the list.
|
26
|
+
#
|
27
|
+
# === Revalidation
|
28
|
+
#
|
29
|
+
# After modyfing access set current connection
|
30
|
+
# is validated again to avoid access leaks.
|
31
|
+
#
|
32
|
+
# === DNS Warning
|
33
|
+
#
|
34
|
+
# You should avoid passing hostnames as arguments since
|
35
|
+
# DNS is not reliable and responses may change with time,
|
36
|
+
# which may cause security flaws.
|