iptables-web 0.1.0 → 0.2.0.beta1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/iptables-web +9 -3
- data/lib/iptables_web/iptables.rb +0 -1
- data/lib/iptables_web/model/access_rule.rb +37 -40
- data/lib/iptables_web/model/node.rb +1 -1
- data/lib/iptables_web/version.rb +1 -1
- data/lib/iptables_web.rb +1 -0
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d1617382a4273d74b32143e069ed9ceec430a890
|
|
4
|
+
data.tar.gz: 183bebac53e65517e71674382e4300d1d3e29d60
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4130032a62a91def785039cad41784b5de812183f4b9937315e267592bb48cde769351f3f52b1bbb97504f6e3a0bb0a5892b079fec0b3b44e5985928bd70111c
|
|
7
|
+
data.tar.gz: 6b316ef4967f98cc6b5b87b1a874375a677b3aa041fee4bd2f0f1a0ad7a3b9d5d61092b079bacbb9052830a63cc6d7c2066c7835caf47c662ea5e5092ad312ac
|
data/bin/iptables-web
CHANGED
|
@@ -71,11 +71,17 @@ command :update do |c|
|
|
|
71
71
|
c.syntax = 'iptables-web update'
|
|
72
72
|
c.description = 'Display bar with optional prefix and suffix'
|
|
73
73
|
c.option '--config STRING', String, 'Path to config file'
|
|
74
|
-
c.
|
|
74
|
+
c.option '--print', 'Show rules without restoring'
|
|
75
|
+
c.action do |_, options|
|
|
75
76
|
IptablesWeb::Configuration.load(options.config) if options.config
|
|
76
77
|
IptablesWeb::Model::Node.handshake do
|
|
77
|
-
|
|
78
|
-
|
|
78
|
+
rules = IptablesWeb::Model::AccessRule.all
|
|
79
|
+
if options.print
|
|
80
|
+
say rules.map(&:to_s).join("\n")
|
|
81
|
+
else
|
|
82
|
+
iptables = IptablesWeb::Iptables.new
|
|
83
|
+
iptables.restore(rules)
|
|
84
|
+
end
|
|
79
85
|
end
|
|
80
86
|
end
|
|
81
87
|
end
|
|
@@ -1,53 +1,50 @@
|
|
|
1
|
+
require 'shellwords'
|
|
1
2
|
module IptablesWeb
|
|
2
3
|
module Model
|
|
3
4
|
class AccessRule < Base
|
|
4
5
|
self.element_name = 'access_rule'
|
|
5
6
|
|
|
6
|
-
|
|
7
|
-
chain: 'INPUT',
|
|
8
|
-
target_chain: 'ACCEPT',
|
|
9
|
-
protocol: '-p {value}',
|
|
10
|
-
port: '--dport {value}',
|
|
11
|
-
ip: '-s {value}',
|
|
12
|
-
description: '-m comment --comment "{value}"'
|
|
13
|
-
}
|
|
7
|
+
SUPPORTED_PROTOCOLS = %w(tcp udp)
|
|
14
8
|
|
|
15
9
|
def to_s
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
10
|
+
protocols = protocol.to_s.downcase == 'all' ? SUPPORTED_PROTOCOLS : [protocol]
|
|
11
|
+
protocols.map do |protocol|
|
|
12
|
+
command = %w(-A INPUT)
|
|
13
|
+
self.attributes.each do |name, value|
|
|
14
|
+
case name.to_sym
|
|
15
|
+
when :port
|
|
16
|
+
next if value.to_s.empty? || !value
|
|
17
|
+
if value.include?(',')
|
|
18
|
+
command << '-m'
|
|
19
|
+
command << 'multiport'
|
|
20
|
+
command << '--dports'
|
|
21
|
+
command << value
|
|
22
|
+
else
|
|
23
|
+
command << '--dport'
|
|
24
|
+
command << value
|
|
25
|
+
end
|
|
26
|
+
when :ip
|
|
27
|
+
command << '-s'
|
|
26
28
|
command << value
|
|
29
|
+
when :protocol
|
|
30
|
+
next unless protocol
|
|
31
|
+
command << '-p'
|
|
32
|
+
command << protocol
|
|
33
|
+
when :description
|
|
34
|
+
if value
|
|
35
|
+
command << '-m'
|
|
36
|
+
command << 'comment'
|
|
37
|
+
command << '--comment'
|
|
38
|
+
command << ::Shellwords.escape(value)
|
|
39
|
+
end
|
|
27
40
|
else
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
end
|
|
31
|
-
when :ip
|
|
32
|
-
command << '-s'
|
|
33
|
-
command << value
|
|
34
|
-
when :protocol
|
|
35
|
-
command << '-p'
|
|
36
|
-
command << value
|
|
37
|
-
when :description
|
|
38
|
-
if value
|
|
39
|
-
command << '-m'
|
|
40
|
-
command << 'comment'
|
|
41
|
-
command << '--comment'
|
|
42
|
-
command << Shellwords.escape(value)
|
|
43
|
-
end
|
|
44
|
-
else
|
|
45
|
-
#skip
|
|
41
|
+
#skip
|
|
42
|
+
end
|
|
46
43
|
end
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
44
|
+
command << '-j'
|
|
45
|
+
command << 'ACCEPT'
|
|
46
|
+
command.join(' ')
|
|
47
|
+
end.join("\n")
|
|
51
48
|
# -A INPUT -s 88.150.233.48/29 -p tcp -m tcp --dport 9200 -j ACCEPT
|
|
52
49
|
end
|
|
53
50
|
|
|
@@ -7,7 +7,7 @@ module IptablesWeb
|
|
|
7
7
|
def self.handshake
|
|
8
8
|
node = find('current')
|
|
9
9
|
node.ips = []
|
|
10
|
-
System.get_ifaddrs.each do |interface, config|
|
|
10
|
+
::System.get_ifaddrs.each do |interface, config|
|
|
11
11
|
next if interface.to_s.include?('lo')
|
|
12
12
|
node.ips.push({
|
|
13
13
|
interface: interface,
|
data/lib/iptables_web/version.rb
CHANGED
data/lib/iptables_web.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: iptables-web
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0.beta1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- NikolayMurga
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-12-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: system-getifaddrs
|
|
@@ -115,12 +115,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
115
115
|
version: '0'
|
|
116
116
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
117
117
|
requirements:
|
|
118
|
-
- - '
|
|
118
|
+
- - '>'
|
|
119
119
|
- !ruby/object:Gem::Version
|
|
120
|
-
version:
|
|
120
|
+
version: 1.3.1
|
|
121
121
|
requirements: []
|
|
122
122
|
rubyforge_project:
|
|
123
|
-
rubygems_version: 2.
|
|
123
|
+
rubygems_version: 2.4.5
|
|
124
124
|
signing_key:
|
|
125
125
|
specification_version: 4
|
|
126
126
|
summary: Write a short summary. Required.
|