iptables-web 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/iptables-web +10 -1
- data/lib/iptables_web/configuration.rb +10 -0
- data/lib/iptables_web/iptables.rb +0 -1
- data/lib/iptables_web/model/base.rb +4 -1
- data/lib/iptables_web/model/node.rb +15 -13
- data/lib/iptables_web/version.rb +1 -1
- metadata +22 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 60035381ec896cdd96b0892e60dd1cb43949f853
|
4
|
+
data.tar.gz: e211d23ba54a7b389323c7723df8b5565f9adf0d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9d74bd5fc7379eddccefc52857f182196aa9bafdbf0c75eaf6e319fb5cef673919b93e8f568410c504985025137df3e32ebb5f8e93d76da97b149bc551dc05b0
|
7
|
+
data.tar.gz: f7c0656a71cd42fcf58bac89a39f5592ef7c4afb6f41b986b259be66b97f7c881c06e7e7cfa06ffd71f8ab461dead64bbce6f899dd46e847d477625589ed8e23
|
data/bin/iptables-web
CHANGED
@@ -76,15 +76,24 @@ command :update do |c|
|
|
76
76
|
c.description = 'Display bar with optional prefix and suffix'
|
77
77
|
c.option '--config STRING', String, 'Path to config file'
|
78
78
|
c.option '--print', 'Show rules without restoring'
|
79
|
+
c.option '--force', 'Set rules omit checksum check'
|
79
80
|
c.action do |_, options|
|
80
81
|
IptablesWeb.configuration.load(options.config) if options.config
|
81
82
|
IptablesWeb::Model::Node.handshake do
|
82
83
|
rules = IptablesWeb::Model::AccessRule.all
|
83
84
|
iptables = IptablesWeb::Iptables.new
|
85
|
+
last_checksum = rules.response.headers[:etag].first
|
84
86
|
if options.print
|
87
|
+
say "Loading rules from #{IptablesWeb.configuration['api_base_url']}"
|
88
|
+
say 'Nothing changed.' if IptablesWeb::Configuration.checksum?(last_checksum)
|
85
89
|
say iptables.render(rules)
|
86
90
|
else
|
87
|
-
|
91
|
+
if IptablesWeb::Configuration.checksum?(rules.response.headers[:etag].first) && !options.force
|
92
|
+
say 'Skip iptables update. Nothing changed.'
|
93
|
+
else
|
94
|
+
iptables.restore(rules)
|
95
|
+
IptablesWeb::Configuration.checksum = last_checksum
|
96
|
+
end
|
88
97
|
end
|
89
98
|
end
|
90
99
|
end
|
@@ -4,9 +4,11 @@ module IptablesWeb
|
|
4
4
|
attr_accessor :loaded
|
5
5
|
CONFIG_FILES = %W(#{ENV['HOME']}/.iptables-web/config.yml /etc/iptables-web/config.yml)
|
6
6
|
STATIC_RULES_FILES = %W(#{ENV['HOME']}/.iptables-web/static_rules /etc/iptables-web/static_rules)
|
7
|
+
CHECKSUM_FILE = "#{ENV['HOME']}/.iptables-web/checksum"
|
7
8
|
|
8
9
|
def initialize
|
9
10
|
CONFIG_FILES.each do |config|
|
11
|
+
puts "Load configuration from #{config}"
|
10
12
|
if load(config)
|
11
13
|
@loaded = true
|
12
14
|
break
|
@@ -35,6 +37,14 @@ module IptablesWeb
|
|
35
37
|
end
|
36
38
|
end
|
37
39
|
|
40
|
+
def self.checksum?(checksum)
|
41
|
+
File.exists?(CHECKSUM_FILE) && File.read(CHECKSUM_FILE) == checksum
|
42
|
+
end
|
43
|
+
|
44
|
+
def self.checksum=(checksum)
|
45
|
+
File.write(CHECKSUM_FILE, checksum)
|
46
|
+
end
|
47
|
+
|
38
48
|
def self.config_dir
|
39
49
|
File.join(ENV['HOME'], '.iptables-web')
|
40
50
|
end
|
@@ -32,7 +32,6 @@ module IptablesWeb
|
|
32
32
|
lines << ':FORWARD ACCEPT [0:0]'
|
33
33
|
lines << ':OUTPUT ACCEPT [0:0]'
|
34
34
|
lines << static_filter.join("\n").strip if static_filter
|
35
|
-
lines << "\n"
|
36
35
|
lines << Array(rules).map(&:to_s).join("\n").strip
|
37
36
|
lines << "COMMIT\n"
|
38
37
|
static_rules.each do |chain, sub_rules|
|
@@ -1,11 +1,14 @@
|
|
1
1
|
require 'active_resource'
|
2
|
+
require 'active_resource_response'
|
3
|
+
|
2
4
|
module IptablesWeb
|
3
5
|
module Model
|
4
6
|
class Base < ActiveResource::Base
|
7
|
+
add_response_method :response
|
5
8
|
def self.configure(config)
|
6
9
|
self.site = "#{config['api_base_url']}/api"
|
7
10
|
headers['X-Node-Access-Token'] = config['access_token']
|
8
11
|
end
|
9
12
|
end
|
10
13
|
end
|
11
|
-
end
|
14
|
+
end
|
@@ -6,19 +6,21 @@ module IptablesWeb
|
|
6
6
|
|
7
7
|
def self.handshake
|
8
8
|
node = find('current')
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
node.ips
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
9
|
+
if node
|
10
|
+
yield if block_given?
|
11
|
+
# save node after updating
|
12
|
+
node.ips = []
|
13
|
+
::System.get_ifaddrs.each do |interface, config|
|
14
|
+
next if interface.to_s.include?('lo')
|
15
|
+
node.ips.push({
|
16
|
+
interface: interface,
|
17
|
+
ip: config[:inet_addr],
|
18
|
+
netmask: config[:netmask]
|
19
|
+
})
|
20
|
+
end
|
21
|
+
node.ips.uniq! { |ip| ip[:ip] }
|
22
|
+
node.hostname = `hostname -f`
|
23
|
+
node.save
|
22
24
|
end
|
23
25
|
end
|
24
26
|
end
|
data/lib/iptables_web/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: iptables-web
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- NikolayMurga
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-08-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: system-getifaddrs
|
@@ -64,6 +64,26 @@ dependencies:
|
|
64
64
|
- - '>='
|
65
65
|
- !ruby/object:Gem::Version
|
66
66
|
version: 4.0.0
|
67
|
+
- !ruby/object:Gem::Dependency
|
68
|
+
name: activeresource-response
|
69
|
+
requirement: !ruby/object:Gem::Requirement
|
70
|
+
requirements:
|
71
|
+
- - ~>
|
72
|
+
- !ruby/object:Gem::Version
|
73
|
+
version: '1.0'
|
74
|
+
- - '>='
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: 1.1.1
|
77
|
+
type: :runtime
|
78
|
+
prerelease: false
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - ~>
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '1.0'
|
84
|
+
- - '>='
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
version: 1.1.1
|
67
87
|
- !ruby/object:Gem::Dependency
|
68
88
|
name: bundler
|
69
89
|
requirement: !ruby/object:Gem::Requirement
|