iptables-web 0.2.0.beta2 → 0.2.0.beta3
- checksums.yaml +4 -4
- data/bin/iptables-web +4 -2
- data/lib/iptables_web/iptables.rb +1 -1
- data/lib/iptables_web/model/access_rule.rb +36 -32
- data/lib/iptables_web/version.rb +1 -1
- metadata +2 -2
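--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8c562897e53377e50576a3b6cb7d3c09645a0ea5
+data.tar.gz: 29069f3cd1828266aff8d3bfebb8b8a9ac9e6c7a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b33c840df50b2fc3d0e491a080b37f6316254867fa7db6cbf91b897a48d54853508df5f470d0b13f2aff628669a35bf5f94ca047f2ef7e00dfec44cea61ceb06
+data.tar.gz: 7b77f19224ac8daf5e994df6d868d2b8752669ded18467e13270454a04c869851c28a14668cb87d09c5f4d532e1253eab8776669a01e53cd9102364908727ebe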
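--- a/data/bin/iptables-web
+++ b/data/bin/iptables-web
@@ -10,6 +10,7 @@ default_command :update
 command :install do |c|
 c.syntax = 'iptables-web install'
 c.description = 'Displays foo'
+c.option '--force', 'Force config '
 c.action do |args, options|
 config = IptablesWeb::Configuration.new
 api_url = ask('Api base url: ') { |q| q.default = config['api_base_url'] }
@@ -55,13 +56,14 @@ CONFIG
 say "* See 'iptables-save' format.\n"
 say "* * * * * * * * * * * * * * * * * * * * * * * * \n"
 
-if File.exist?(static_rules)
+if File.exist?(static_rules) && !options.force
 say 'File already exist!'
 else
 File.write static_rules, <<STATIC_RULES
 -A INPUT -i lo -j ACCEPT
+-A FORWARD -i lo -j ACCEPT
 -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-
+-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
 STATIC_RULES
 end
 end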
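Review bot: With `--force`, the `File.write static_rules, <<STATIC_RULES` branch now replaces an existing static rules file with the built-in defaults, and nothing in the hunk keeps a copy of what was there. On a firewall host that file may hold hand-written rules, so a forced reinstall can silently discard them; moving the old file aside first, e.g. `File.rename(static_rules, "#{static_rules}.bak") if File.exist?(static_rules)`, would make the overwrite recoverable. The option text `'Force config '` should also say what is overwritten, for instance `c.option '--force', 'Overwrite an existing static rules file'`. The middle of the `c.action` block lies outside these two hunks, so whether `--force` affects anything else is not visible here.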
@@ -27,7 +27,7 @@ module IptablesWeb
|
|
27
27
|
lines = []
|
28
28
|
lines << "*#{name}"
|
29
29
|
lines << ':INPUT DROP [0:0]'
|
30
|
-
lines << ':FORWARD
|
30
|
+
lines << ':FORWARD ACCEPT [0:0]'
|
31
31
|
lines << ':OUTPUT ACCEPT [0:0]'
|
32
32
|
lines << static_rules
|
33
33
|
lines << Array(rules).map(&:to_s).join("\n")
|
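Review bot: The new `lines << ':FORWARD ACCEPT [0:0]'` sets the FORWARD chain's default policy to ACCEPT while INPUT stays at DROP, so on a host with IP forwarding enabled (a router, VPN gateway or container host) every forwarded packet is allowed regardless of the access rules. The previous policy cannot be read from this page because the removed line is truncated. If forwarding is not meant to be open, default-deny is the safer choice, `lines << ':FORWARD DROP [0:0]'`, with explicit FORWARD accepts in the static rules file; if ACCEPT is deliberate, a comment on this line should say why. The enclosing method starts before and continues after this hunk.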
@@ -9,41 +9,45 @@ module IptablesWeb
|
|
9
9
|
def to_s
|
10
10
|
protocols = protocol.to_s.downcase == 'all' ? SUPPORTED_PROTOCOLS : [protocol]
|
11
11
|
protocols.map do |protocol|
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
12
|
+
self.resolved_ips.map do |ip|
|
13
|
+
command = %w(-A INPUT)
|
14
|
+
self.attributes.each do |name, value|
|
15
|
+
case name.to_sym
|
16
|
+
when :port
|
17
|
+
next if value.to_s.empty? || !value
|
18
|
+
if value.include?(',')
|
19
|
+
command << '-m'
|
20
|
+
command << 'multiport'
|
21
|
+
command << '--dports'
|
22
|
+
command << value
|
23
|
+
else
|
24
|
+
command << '--dport'
|
25
|
+
command << value
|
26
|
+
end
|
27
|
+
# when :ip
|
28
|
+
# command << '-s'
|
29
|
+
# command << value
|
30
|
+
when :protocol
|
31
|
+
next unless protocol
|
32
|
+
command << '-p'
|
33
|
+
command << protocol
|
34
|
+
when :description
|
35
|
+
if value
|
36
|
+
command << '-m'
|
37
|
+
command << 'comment'
|
38
|
+
command << '--comment'
|
39
|
+
command << "\"#{::Shellwords.escape(value)}\""
|
40
|
+
end
|
22
41
|
else
|
23
|
-
|
24
|
-
|
25
|
-
end
|
26
|
-
when :ip
|
27
|
-
command << '-s'
|
28
|
-
command << value
|
29
|
-
when :protocol
|
30
|
-
next unless protocol
|
31
|
-
command << '-p'
|
32
|
-
command << protocol
|
33
|
-
when :description
|
34
|
-
if value
|
35
|
-
command << '-m'
|
36
|
-
command << 'comment'
|
37
|
-
command << '--comment'
|
38
|
-
command << ::Shellwords.escape(value)
|
39
|
-
end
|
40
|
-
else
|
41
|
-
#skip
|
42
|
+
#skip
|
43
|
+
end
|
42
44
|
end
|
45
|
+
command << '-s'
|
46
|
+
command << ip
|
47
|
+
command << '-j'
|
48
|
+
command << 'ACCEPT'
|
49
|
+
command.join(' ')
|
43
50
|
end
|
44
|
-
command << '-j'
|
45
|
-
command << 'ACCEPT'
|
46
|
-
command.join(' ')
|
47
51
|
end.join("\n")
|
48
52
|
# -A INPUT -s 88.150.233.48/29 -p tcp -m tcp --dport 9200 -j ACCEPT
|
49
53
|
end
|
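Review bot: The new comment handling, `command << "\"#{::Shellwords.escape(value)}\""`, wraps a shell-escaped string in double quotes, but the rule text appears to be consumed as iptables-save format rather than by a shell, and `Shellwords.escape` leaves a newline in the value as a literal newline. A description containing a line break would therefore end the rule line early and the remainder would be read as a separate line of the ruleset; spaces also come out as `\ ` inside the quotes. Since descriptions presumably arrive from the remote API, filter to a conservative character set instead, e.g. `comment = value.to_s.gsub(/[^\w .,:@\/-]/, '')[0, 255]` followed by `command << "\"#{comment}\""`. The same concern applies to `command << value` under `when :port`, which is appended unchecked and calls `include?` on what may be an Integer; coerce with `value.to_s` and skip anything that does not match `/\A\d+(?:[,:]\d+)*\z/`.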
data/lib/iptables_web/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: iptables-web
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.0.
|
4
|
+
version: 0.2.0.beta3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- NikolayMurga
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-12-
|
11
|
+
date: 2014-12-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: system-getifaddrs
|