RubyGems - iptables-web - Versions diffs - 0.2.0.beta2 → 0.2.0.beta3 - Mend

iptables-web 0.2.0.beta2 → 0.2.0.beta3

Files changed (6) hide show

checksums.yaml +4 -4
data/bin/iptables-web +4 -2
data/lib/iptables_web/iptables.rb +1 -1
data/lib/iptables_web/model/access_rule.rb +36 -32
data/lib/iptables_web/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 180362da3e0cbb79b049fb1de73831fae308aed0
-  data.tar.gz: 4ab058862b9beb3af4bd65d0fc076a11c5e89272
+  metadata.gz: 8c562897e53377e50576a3b6cb7d3c09645a0ea5
+  data.tar.gz: 29069f3cd1828266aff8d3bfebb8b8a9ac9e6c7a
 SHA512:
-  metadata.gz: 4bac97d96e69e6c553dd9f36a576c224a7257a4a5dd0bf66e183aa58ab801f58ce57e2d66cf0bd35d1d64a8c522cb9a06a42f02d72e8c30db73e225f396f6c30
-  data.tar.gz: 1a46012cebf935add5b0ef0ae11b7db483057629c402e1912ee5763f03e1fb9b4156c00ec85e5a67816c8be3228d50f9aaceb54dc6327086603ad21725ae9d7b
+  metadata.gz: b33c840df50b2fc3d0e491a080b37f6316254867fa7db6cbf91b897a48d54853508df5f470d0b13f2aff628669a35bf5f94ca047f2ef7e00dfec44cea61ceb06
+  data.tar.gz: 7b77f19224ac8daf5e994df6d868d2b8752669ded18467e13270454a04c869851c28a14668cb87d09c5f4d532e1253eab8776669a01e53cd9102364908727ebe

data/bin/iptables-web CHANGED Viewed

@@ -10,6 +10,7 @@ default_command :update
 command :install do |c|
   c.syntax = 'iptables-web install'
   c.description = 'Displays foo'
+  c.option '--force', 'Force config '
   c.action do |args, options|
     config = IptablesWeb::Configuration.new
     api_url = ask('Api base url: ') { |q| q.default = config['api_base_url'] }
@@ -55,13 +56,14 @@ CONFIG
     say "* See 'iptables-save' format.\n"
     say "* * * * * * * * * * * * * * * * * * * * * * * * \n"
-    if File.exist?(static_rules)
+    if File.exist?(static_rules) && !options.force
       say 'File already exist!'
     else
       File.write static_rules, <<STATIC_RULES
 -A INPUT -i lo -j ACCEPT
+-A FORWARD -i lo -j ACCEPT
 -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-# -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
+-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
 STATIC_RULES
     end
   end

data/lib/iptables_web/iptables.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module IptablesWeb
       lines = []
       lines << "*#{name}"
       lines << ':INPUT DROP [0:0]'
-      lines << ':FORWARD DROP [0:0]'
+      lines << ':FORWARD ACCEPT [0:0]'
       lines << ':OUTPUT ACCEPT [0:0]'
       lines << static_rules
       lines << Array(rules).map(&:to_s).join("\n")

data/lib/iptables_web/model/access_rule.rb CHANGED Viewed

@@ -9,41 +9,45 @@ module IptablesWeb
       def to_s
         protocols = protocol.to_s.downcase  == 'all' ? SUPPORTED_PROTOCOLS : [protocol]
         protocols.map do |protocol|
-          command = %w(-A INPUT)
-          self.attributes.each do |name, value|
-            case name.to_sym
-              when :port
-                next if  value.to_s.empty? || !value
-                if value.include?(',')
-                  command << '-m'
-                  command << 'multiport'
-                  command << '--dports'
-                  command << value
+          self.resolved_ips.map do |ip|
+            command = %w(-A INPUT)
+            self.attributes.each do |name, value|
+              case name.to_sym
+                when :port
+                  next if  value.to_s.empty? || !value
+                  if value.include?(',')
+                    command << '-m'
+                    command << 'multiport'
+                    command << '--dports'
+                    command << value
+                  else
+                    command << '--dport'
+                    command << value
+                  end
+                # when :ip
+                #   command << '-s'
+                #   command << value
+                when :protocol
+                  next unless protocol
+                  command << '-p'
+                  command << protocol
+                when :description
+                  if value
+                    command << '-m'
+                    command << 'comment'
+                    command << '--comment'
+                    command <<  "\"#{::Shellwords.escape(value)}\""
+                  end
                 else
-                  command << '--dport'
-                  command << value
-                end
-              when :ip
-                command << '-s'
-                command << value
-              when :protocol
-                next unless protocol
-                command << '-p'
-                command << protocol
-              when :description
-                if value
-                  command << '-m'
-                  command << 'comment'
-                  command << '--comment'
-                  command <<  ::Shellwords.escape(value)
-                end
-              else
-                #skip
+                  #skip
+              end
             end
+            command << '-s'
+            command << ip
+            command << '-j'
+            command << 'ACCEPT'
+            command.join(' ')
           end
-          command << '-j'
-          command << 'ACCEPT'
-          command.join(' ')
         end.join("\n")
         # -A INPUT -s 88.150.233.48/29 -p tcp -m tcp --dport 9200 -j ACCEPT
       end

data/lib/iptables_web/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module IptablesWeb
-  VERSION = '0.2.0.beta2'
+  VERSION = '0.2.0.beta3'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: iptables-web
 version: !ruby/object:Gem::Version
-  version: 0.2.0.beta2
+  version: 0.2.0.beta3
 platform: ruby
 authors:
 - NikolayMurga
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-12-17 00:00:00.000000000 Z
+date: 2014-12-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: system-getifaddrs