RubyGems - iptables - Versions diffs - 0.0.1 - Mend

iptables 0.0.1

Files changed (16) hide show

data/.gitignore +3 -0
data/.ruby-version +1 -0
data/.travis.yml +12 -0
data/Gemfile +3 -0
data/README.md +17 -0
data/bin/iptables-decode +18 -0
data/iptables.gemspec +21 -0
data/lib/iptables.rb +327 -0
data/sample_data/complex-iptables-135 +219 -0
data/sample_data/complex-iptables-147 +270 -0
data/spec/spec_helper.rb +2 -0
data/spec/unit/iptables/decoder/basic_spec.rb +7 -0
data/spec/unit/iptables/decoder/rule_spec.rb +151 -0
data/spec/unit/iptables/decoder/shellsplit_spec.rb +27 -0
data/spec/unit/iptables/decoder/switch_hash_spec.rb +131 -0
metadata +112 -0

data/spec/unit/iptables/decoder/switch_hash_spec.rb ADDED

@@ -0,0 +1,131 @@
+require 'spec_helper'
+describe 'Iptables::Decoder#switch_hash' do
+  context 'default iptables compatibility' do
+    subject do
+      Iptables::Decoder.new
+    end
+    tests = [
+      {:name => "basic 1",
+       :input => ["-A", "OUTPUT", "-s", "1.1.1.2/32", "-j", "CLASSIFY", "--set-class", "0004:0056"],
+       :output => [
+        {:values=>["OUTPUT"], :switch=>"A"},
+        {:values=>["1.1.1.2/32"], :switch=>"s"},
+        {:values=>["CLASSIFY"], :switch=>"j"},
+        {:values=>["0004:0056"], :switch=>"set-class"}]},
+      {:name => "negate 1",
+       :input => ["-A", "OUTPUT", "!", "-o", "eth0"],
+       :output => [
+         {:values=>["OUTPUT"], :switch=>"A"},
+         {:negate=>true, :values=>["eth0"], :switch=>"o"}]},
+      {:name => "multivalues 1",
+       :input => ["-A", "INPUT", "-s", "1.1.1.1/32", "-p", "tcp", "-m", "tcp", "!", "--tcp-flags", "FIN,SYN,RST,ACK", "SYN"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["1.1.1.1/32"], :switch=>"s"},
+         {:values=>["tcp"], :switch=>"p"},
+         {:values=>["tcp"], :switch=>"m"},
+         {:negate=>true, :values=>["FIN,SYN,RST,ACK", "SYN"], :switch=>"tcp-flags"}]},
+      {:name => "complex 1",
+       :input => ["-A", "INPUT", "-p", "ah", "-m", "ah", "!", "--ahspi", "1", "-m", "connmark", "--mark", "0x3/0x1", "-m", "ah", "--ahspi", "3", "-m", "connmark", "!", "--mark", "0x18/0x1"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["ah"], :switch=>"p"},
+         {:values=>["ah"], :switch=>"m"},
+         {:negate=>true, :values=>["1"], :switch=>"ahspi"},
+         {:values=>["connmark"], :switch=>"m"},
+         {:values=>["0x3/0x1"], :switch=>"mark"},
+         {:values=>["ah"], :switch=>"m"},
+         {:values=>["3"], :switch=>"ahspi"},
+         {:values=>["connmark"], :switch=>"m"},
+         {:negate=>true, :values=>["0x18/0x1"], :switch=>"mark"}]},
+      {:name => "complex 2",
+       :input => ["-A", "INPUT", "-s", "1.1.1.1/32", "-m", "connbytes", "!", "--connbytes", "10:1000", "--connbytes-mode", "packets", "--connbytes-dir", "both"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["1.1.1.1/32"], :switch=>"s"},
+         {:values=>["connbytes"], :switch=>"m"},
+         {:negate=>true, :values=>["10:1000"], :switch=>"connbytes"},
+         {:values=>["packets"], :switch=>"connbytes-mode"},
+         {:values=>["both"], :switch=>"connbytes-dir"}]},
+      {:name => "space args 1",
+       :input => ["-A", "INPUT", "-p", "tcp", "-m", "comment", "--comment", "000 foo", "-j", "ACCEPT"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["tcp"], :switch=>"p"},
+         {:values=>["comment"], :switch=>"m"},
+         {:values=>["000 foo"], :switch=>"comment"},
+         {:values=>["ACCEPT"], :switch=>"j"}]},
+    ]
+    tests.each do |t|
+      it "run sample test [#{t[:name]}]" do
+        subject.switch_hash(t[:input]).should eq t[:output]
+      end
+    end
+  end
+  context '1.3.5 iptables compatibility' do
+    subject do
+      Iptables::Decoder.new(:iptables_compatibility => '1.3.5')
+    end
+    tests = [
+      {:name => "basic 1",
+       :input => ["-A", "OUTPUT", "-s", "1.1.1.2/32", "-j", "CLASSIFY", "--set-class", "0004:0056"],
+       :output => [
+        {:values=>["OUTPUT"], :switch=>"A"},
+        {:values=>["1.1.1.2/32"], :switch=>"s"},
+        {:values=>["CLASSIFY"], :switch=>"j"},
+        {:values=>["0004:0056"], :switch=>"set-class"}]},
+      {:name => "negate 1",
+       :input => ["-A", "OUTPUT", "-o", "!", "eth0"],
+       :output => [
+         {:values=>["OUTPUT"], :switch=>"A"},
+         {:negate=>true, :values=>["eth0"], :switch=>"o"}]},
+      {:name => "multivalues 1",
+       :input => ["-A", "INPUT", "-s", "1.1.1.1/32", "-p", "tcp", "-m", "tcp", "!", "--tcp-flags", "FIN,SYN,RST,ACK", "SYN"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["1.1.1.1/32"], :switch=>"s"},
+         {:values=>["tcp"], :switch=>"p"},
+         {:values=>["tcp"], :switch=>"m"},
+         {:negate=>true, :values=>["FIN,SYN,RST,ACK", "SYN"], :switch=>"tcp-flags"}]},
+      {:name => "complex 1",
+       :input => ["-A", "INPUT", "-p", "ah", "-m", "ah", "!", "--ahspi", "1", "-m", "connmark", "--mark", "0x3/0x1", "-m", "ah", "--ahspi", "3", "-m", "connmark", "!", "--mark", "0x18/0x1"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["ah"], :switch=>"p"},
+         {:values=>["ah"], :switch=>"m"},
+         {:negate=>true, :values=>["1"], :switch=>"ahspi"},
+         {:values=>["connmark"], :switch=>"m"},
+         {:values=>["0x3/0x1"], :switch=>"mark"},
+         {:values=>["ah"], :switch=>"m"},
+         {:values=>["3"], :switch=>"ahspi"},
+         {:values=>["connmark"], :switch=>"m"},
+         {:negate=>true, :values=>["0x18/0x1"], :switch=>"mark"}]},
+      {:name => "complex 2",
+       :input => ["-A", "INPUT", "-s", "1.1.1.1/32", "-m", "connbytes", "!", "--connbytes", "10:1000", "--connbytes-mode", "packets", "--connbytes-dir", "both"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["1.1.1.1/32"], :switch=>"s"},
+         {:values=>["connbytes"], :switch=>"m"},
+         {:negate=>true, :values=>["10:1000"], :switch=>"connbytes"},
+         {:values=>["packets"], :switch=>"connbytes-mode"},
+         {:values=>["both"], :switch=>"connbytes-dir"}]},
+      {:name => "space args 1",
+       :input => ["-A", "INPUT", "-p", "tcp", "-m", "comment", "--comment", "000 foo", "-j", "ACCEPT"],
+       :output => [
+         {:values=>["INPUT"], :switch=>"A"},
+         {:values=>["tcp"], :switch=>"p"},
+         {:values=>["comment"], :switch=>"m"},
+         {:values=>["000 foo"], :switch=>"comment"},
+         {:values=>["ACCEPT"], :switch=>"j"}]},
+    ]
+    tests.each do |t|
+      it "run sample test [#{t[:name]}]" do
+        subject.switch_hash(t[:input]).should eq t[:output]
+      end
+    end
+  end
+end

metadata ADDED

@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification
+name: iptables
+version: !ruby/object:Gem::Version
+  hash: 29
+  prerelease:
+  segments:
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors:
+- Ken Barber
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2013-03-20 00:00:00 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: json
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency
+  name: rspec
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id002
+description:
+email:
+- ken@bob.sh
+executables:
+- iptables-decode
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .ruby-version
+- .travis.yml
+- Gemfile
+- README.md
+- bin/iptables-decode
+- iptables.gemspec
+- lib/iptables.rb
+- sample_data/complex-iptables-135
+- sample_data/complex-iptables-147
+- spec/spec_helper.rb
+- spec/unit/iptables/decoder/basic_spec.rb
+- spec/unit/iptables/decoder/rule_spec.rb
+- spec/unit/iptables/decoder/shellsplit_spec.rb
+- spec/unit/iptables/decoder/switch_hash_spec.rb
+homepage: https://github.com/kbarber/ruby-iptables
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      hash: 57
+      segments:
+      - 1
+      - 8
+      - 7
+      version: 1.8.7
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      hash: 3
+      segments:
+      - 0
+      version: "0"
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.24
+signing_key:
+specification_version: 3
+summary: iptables-save encoder/decoder
+test_files:
+- spec/unit/iptables/decoder/basic_spec.rb
+- spec/unit/iptables/decoder/rule_spec.rb
+- spec/unit/iptables/decoder/shellsplit_spec.rb
+- spec/unit/iptables/decoder/switch_hash_spec.rb