RubyGems - pomelo-router - Versions diffs - 0.0.2 - Mend

pomelo-router 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml ADDED

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    ODc0MzUwYWIxZWJhMWUwYzVmY2ZjNzkyNjk4ZWFlZGNiOTkzMmQwMg==
+  data.tar.gz: !binary |-
+    ZTAyMDU2ZmEyODkxMWQ5MjFkMWM1MmQxNGVjMzdjOGQyNGIyZjkyOQ==
+SHA512:
+  metadata.gz: !binary |-
+    YjY3MGQ2Njg3NGJiZjgyYTZlYWFiMGY4NGYxYjQxYTA5ZDU1ZjQwODk4YmI3
+    ZDNkYWI0NjI5NzI1ODZmNzhhZjA5NDY4ZjBlZjAzMjE4YTQ1ZjYyYWMzNTI0
+    NTM3Y2ZlYzU2Y2NkZmIyYTczMTk0NWI4N2QyODZiZTk2Njc1MGU=
+  data.tar.gz: !binary |-
+    MTNmZjdkMDg4OWE1MzBhNDJhOTZhMGE1MjU4MTYzOTBhZjFmNjg5MDFiZmQ3
+    OGEwODNkMTA0YzBkMmNkNTljMjg3NzY2NGE0NjI5YjAxOGU1MWEyYTZiNDU3
+    YjkyNzQzYzJlMmM5ZWVlMTc1NTliMDQ5MWRhNDk3MTIxYTAxOTk=

data/bin/pomelo ADDED

@@ -0,0 +1,6 @@
+#! /usr/bin/env ruby
+require 'pomelo'
+p = Pomelo.from_argv(ARGV)
+p.run

data/config.toml.example ADDED

@@ -0,0 +1,85 @@
+[networks]
+  # required, the loopback device, normally will be lo or lo0
+  loopback = "lo"
+  allow_icmp = true
+  [networks.internet]
+    ip = "111.111.111.111"
+    dev = "eth0"
+  [networks.locals]
+    [networks.locals.office]
+      net = "192.168.0.0/24"
+      dev = "eth1"
+    [networks.locals.guest]
+      net = "192.168.1.0/24"
+      dev = "eth1"
+  [networks.externals]
+    [networks.externals.vpn]
+      host = "192.168.99.2/24"
+      dev = "tun0"
+# custom host/ip ranges definitions
+[groups]
+  [groups.router]
+    host = "192.168.0.1"
+  [groups.www]
+    host = "192.168.0.2"
+  [groups.users]
+    range = "192.168.0.100-192.168.0.199"
+[traffic]
+  # default iptables rule, allow or deny
+  # if you set this to be deny, you will
+  # have to manually set the ports
+  # in the ports section
+  global = "deny"
+# openning ports on router
+# not necessary when traffic.global is "allow"
+[[ports]]
+  protocol = "tcp"
+  port = 22
+  dev = "eth0"
+[[ports]]
+  protocol = "tcp"
+  port = 8080
+  dev = "eth0"
+[[ports]]
+  protocol = "tcp"
+  port = 443
+  dev = "eth0"
+# rules
+[[rules]]
+  # access vpns for users
+  method = "gateway"
+  from = "#{groups.users}"
+  to = "#{networks.externals.vpn}"
+# gateway settings
+[[rules]]
+  method = "gateway"
+  from = "#{networks.locals.office}"
+  to = "#{networks.internet}"
+[[rules]]
+  method = "gateway"
+  from = "#{networks.locals.guest}"
+  to = "#{networks.internet}"
+# port forwarding
+[[rules]]
+  method = "forward"
+  from = 8080
+  protocol = "tcp"
+  to = "#{groups.www.host}:80"
+[[rules]]
+  method = "forward"
+  from = "50000:60000"
+  protocol = "tcp"
+  to = "#{groups.www.host}"

data/lib/pomelo.rb ADDED

@@ -0,0 +1,9 @@
+require 'pomelo/opts'
+require 'pomelo/parser'
+module Pomelo
+  def Pomelo.from_argv(argv)
+    opts = Opts.parse(argv)
+    return Parser.new(opts)
+  end
+end

data/lib/pomelo/opts.rb ADDED

@@ -0,0 +1,39 @@
+require 'optparse'
+require 'optparse/time'
+require 'ostruct'
+module Pomelo
+class Opts
+  def self.parse(args)
+    options = OpenStruct.new
+    options.mode = "run"
+    options.config_file = nil
+    opt = OptionParser.new do |opts|
+      opts.banner = "Usage: pomelo [-rp] path/to/config.yaml"
+      opts.separator ""
+      opts.separator "Specific options:"
+      opts.on("-r", "--run", "run commands") do
+        options.mode = "run"
+      end
+      opts.on("-p", "--print", "print commands") do
+        options.mode = "print"
+      end
+      opts.on("-c", "--configi [PATH]", String, "config file path") do |f|
+        options.config_file = f
+      end
+      opts.separator ""
+      opts.separator "Common options:"
+      opts.on_tail("-h", "--help", "Show help message") do
+        puts opts
+        exit
+      end
+    end
+    opt.parse!(args)
+    return options
+  end
+end
+end

data/lib/pomelo/parser.rb ADDED

@@ -0,0 +1,158 @@
+require 'toml'
+module Pomelo
+  class Parser
+    def initialize(opts)
+      @opts = opts
+      @commands = []
+      @config = get_config
+    end
+    def parse
+      parse_routes
+      parse_iptables
+    end
+    def run
+      parse
+      run_commands = @commands.join("\n")
+      if print_only?
+        puts run_commands
+      else
+        system run_commands
+      end
+    end
+    private
+    def print_only?
+      return @opts.mode == "print"
+    end
+    def get_config
+      config_file = @opts.config_file
+      unless config_file
+        puts "config file required"
+        exit
+      end
+      begin
+        config = TOML.load_file(config_file)
+      rescue Exception => e
+        puts e
+        puts e.backtrace.join("\n")
+        exit
+      end
+      return config
+    end
+    def parse_routes
+    end
+    def parse_iptables
+      init_iptables
+      open_ports
+      traffic_rules
+    end
+    def add_command(cmd)
+      @commands << cmd
+    end
+    def get_value(key)
+      parts = key.split "."
+      c = @config
+      parts.each do |p|
+        c = c[p]
+      end
+      # parsing quotes
+      c = parse_value(c) if c.is_a?(String)
+      return c
+    end
+    def parse_value(str)
+      return str.gsub(/\#\{([^\}]+)\}/) do |s|
+        a = s.gsub(/[\#\{\}]/, "")
+        return get_value(a)
+      end
+    end
+    def init_iptables
+      s = get_value("traffic.global") == "allow" ? "ACCEPT" : "DROP"
+      lo = get_value("networks.loopback")
+      add_command "iptables -F"
+      add_command "iptables -P INPUT #{s}"
+      add_command "iptables -P OUTPUT #{s}"
+      add_command "iptables -P FORWARD #{s}"
+      # allow loopback
+      add_command "iptables -A INPUT -i #{lo} -j ACCEPT"
+      add_command "iptables -A OUTPUT -o #{lo} -j ACCEPT"
+      # allow ping
+      if get_value("networks.allow_icmp")
+        add_command "iptables -A INPUT -p icmp -j ACCEPT"
+        add_command "iptables -A OUTPUT -p icmp -j ACCEPT"
+      end
+    end
+    def open_ports
+      get_value("ports").each do |p|
+        add_command "iptables -A INPUT -i #{p["dev"]} -p #{p["protocol"]} --dport #{p["port"]} -j ACCEPT"
+        add_command "iptables -A OUTPUT -o #{p["dev"]} -p #{p["protocol"]} --sport #{p["port"]} -j ACCEPT"
+      end
+    end
+    def traffic_rules
+      get_value("rules").each do |r|
+        parse_rule(r)
+      end
+    end
+    def parse_rule(r)
+      method = r["method"]
+      if method == "gateway"
+        parse_gateway_rule(r)
+      elsif method == "forward"
+        parse_forward_rule(r)
+      end
+    end
+    def parse_gateway_rule(r)
+      from = parse_value(r["from"])
+      to = parse_value(r["to"])
+      source = nil
+      if from["host"]
+        source = "-s #{from["host"]}"
+      elsif from["net"]
+        source = "-s #{from["net"]}"
+      elsif from["range"]
+        source = "-m iprange --src-range #{from["range"]}"
+      else
+        raise "from must contain host or range"
+      end
+      add_command "iptables -t nat -A POSTROUTING #{source} -o #{to["dev"]} -j MASQUERADE"
+    end
+    def parse_forward_rule(r)
+      from = r["from"]
+      protocol = r["protocol"] || "tcp"
+      # forward requires host for destination
+      to_host, to_port = parse_value(r["to"]).split(":")
+      if to_port
+        to = "#{to_host}:#{to_port}"
+      else
+        to_port = from
+        to = to_host
+      end
+      add_command "iptables -t nat -A PREROUTING -p #{protocol} --dport #{from} -j DNAT --to #{to}"
+      add_command "iptables -A FORWARD -p #{protocol} -d #{to_host} --dport #{to_port} -j ACCEPT"
+    end
+  end
+end

metadata ADDED

@@ -0,0 +1,63 @@
+--- !ruby/object:Gem::Specification
+name: pomelo-router
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Leon Chen
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-09-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: toml
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+description: linux router network setup automation
+email: leonhart.chen@gmail.com
+executables:
+- pomelo
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/pomelo
+- config.toml.example
+- lib/pomelo.rb
+- lib/pomelo/opts.rb
+- lib/pomelo/parser.rb
+homepage: https://github.com/leonchen/pomelo
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.6
+signing_key:
+specification_version: 4
+summary: pomelo-router
+test_files: []