riptables 1.0.2 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1a0001312aa10d20133b4843b16451b564e885df
-  data.tar.gz: 7cf791344ec27b7f68945b837c6905ec26ef6155
+  metadata.gz: 766566a3853854ae3589b867f2439e9290caa9ff
+  data.tar.gz: cd44a4c622678cbb8b096b79a1e88d918591e36d
 SHA512:
-  metadata.gz: 18a1cf008d7dddd71409ec6bb65baf1135420f6fd979f425a5fca2ae145bcd3dc51df6607d713008840e4710283b561957a5f6314e054c10108b3f707ef98923
-  data.tar.gz: b73604d7df64a8dd047be08d4528c8296856e5f08d1dede44df7d96ea444bba1fa39a27f39df3c7957dc8660500bb507a0892c402cdc4d834d51111464b43d5e
+  metadata.gz: 0991728751419c75fd2fe73b9969d4a62b363da466ac19a8654e04b4dfee019ad6efb108be6f103ce2dbda93b6f6f0efa2ee13cc56c5642971b008013c4ef389
+  data.tar.gz: 32c66598e8ef354764bfc9bdf99f454b1e0d184c88b0635b80a69ce3e4cfb61ca6c017f70966e269c0c64538aa57d694d700bf37a1b7f5333a271d41b8f0b260

data/bin/riptables

@@ -31,5 +31,6 @@ rescue Riptables::Error => e
   exit 1
 rescue => e
   $stderr.puts "\e[31m#{e.class}: #{e.message}\e[0m"
+  puts e.backtrace
   exit 1
 end

data/lib/riptables/base.rb

@@ -5,9 +5,11 @@ module Riptables
   class Base
 
     attr_reader :tables
+    attr_reader :host_groups
 
     def initialize(&block)
       @tables = []
+      @host_groups = {}
       dsl.instance_eval(&block) if block_given?
     end
 
@@ -16,14 +18,18 @@ module Riptables
     end
 
     def self.load_from_file(file)
+      base = Base.new
       if File.file?(file)
-        base = Base.new
-        base.dsl.instance_eval(File.read(file), file)
+        base.load_from_file(file)
         base
       else
         raise Error, "File not found at `#{file}`"
       end
     end
 
+    def load_from_file(file)
+      self.dsl.instance_eval(File.read(file), file)
+    end
+
   end
 end

data/lib/riptables/dsl/base.rb

@@ -1,5 +1,6 @@
 require 'riptables/dsl/base'
 require 'riptables/table'
+require 'riptables/host_group'
 
 module Riptables
   module DSL
@@ -15,6 +16,16 @@ module Riptables
         @base.tables << table
       end
 
+      def host_group(name, &block)
+        host_group = Riptables::HostGroup.new(@base, name)
+        host_group.dsl.instance_eval(&block)
+        @base.host_groups[name] = host_group
+      end
+
+      def load(name)
+        @base.load_from_file(File.expand_path(name))
+      end
+
     end
   end
 end

data/lib/riptables/dsl/host_group.rb

@@ -0,0 +1,18 @@
+require 'riptables/dsl/global'
+require 'riptables/host'
+
+module Riptables
+  module DSL
+    class HostGroup < Global
+
+      def initialize(host_group)
+        @host_group = host_group
+      end
+
+      def host(name, options = {})
+        @host_group.hosts[name] = Riptables::Host.new(self, name, options)
+      end
+
+    end
+  end
+end

data/lib/riptables/host.rb

@@ -0,0 +1,15 @@
+module Riptables
+  class Host
+
+    attr_reader :host_group
+    attr_reader :name
+    attr_reader :ips
+
+    def initialize(host_group, name, ips = {})
+      @host_group = host_group
+      @name = name
+      @ips = ips
+    end
+
+  end
+end

data/lib/riptables/host_group.rb

@@ -0,0 +1,21 @@
+require 'riptables/dsl/host_group'
+
+module Riptables
+  class HostGroup
+
+    attr_reader :base
+    attr_reader :name
+    attr_reader :hosts
+
+    def initialize(base, name)
+      @base = base
+      @name = name
+      @hosts = {}
+    end
+
+    def dsl
+      @dsl ||= DSL::HostGroup.new(self)
+    end
+
+  end
+end

data/lib/riptables/rule.rb

@@ -17,7 +17,6 @@ module Riptables
     attr_accessor :versions
     attr_reader :chain
     attr_reader :permutations
-    attr_reader :conditions
 
     def dsl
       @dsl ||= DSL::Rule.new(self)
@@ -31,9 +30,18 @@ module Riptables
       if permutations.empty?
         [self]
       else
-        permutations.map(&:to_rule)
+        permutations.map(&:to_rules).flatten
       end
     end
 
+    def dup
+      new_rule = self.class.new(self.chain)
+      new_rule.description  = self.description.dup      if self.description
+      new_rule.rule         = self.rule.dup             if self.rule
+      new_rule.action       = self.action               if self.action
+      new_rule.conditions   = self.conditions.dup       if self.conditions
+      new_rule
+    end
+
   end
 end

data/lib/riptables/rule_permutation.rb

@@ -16,25 +16,69 @@ module Riptables
     attr_reader :options
     attr_reader :conditions
 
+    def version
+      self.options[:v] ||
+      self.options[:version] ||
+      (has_ipv4_ip_address? ? 4 : nil) ||
+      (has_ipv6_ip_address? ? 6 : nil)
+    end
+
+    #
+    # Does this permutation include an IPv6 address option?
+    #
+    def has_ipv4_ip_address?
+      self.options[:ip].is_a?(String) && self.options[:ip] =~ /\A\d+\.\d+\.\d+\.\d+/
+    end
+
+    #
+    # Does this permutation include an IPv6 address option?
+    #
+    def has_ipv6_ip_address?
+      self.options[:ip].is_a?(String) && self.options[:ip].include?(':')
+    end
+
+    #
+    # Does this permutation include a host group?
+    #
+    def has_host_group?
+      self.options[:ip].is_a?(Symbol)
+    end
+
     #
     # Convert this permutation into a full rule in its own right
     #
-    def to_rule
-      new_rule = Rule.new(rule.chain)
-      new_rule.description = "#{rule.description} (#{self.description})"
-      new_rule.rule = rule.rule.gsub(/\{\{(\w+)\}\}/) do
-        if value = self.options[$1.to_sym]
-          value
+    def to_rules
+      Array.new.tap do |rules|
+        new_rule = Rule.new(rule.chain)
+        new_rule.description = "#{rule.description} (#{self.description})"
+        new_rule.rule = rule.rule.gsub(/\{\{(\w+)\}\}/) do
+          if value = self.options[$1.to_sym]
+            value
+          else
+            "{{#{$1}}}"
+          end
+        end
+        new_rule.action = rule.action
+        new_rule.conditions = rule.conditions | self.conditions
+        if self.version
+          new_rule.versions = [self.version]
+        end
+
+        if has_host_group?
+          host_group = @rule.chain.table.base.host_groups[self.options[:ip]]
+          host_group.hosts.each do |key, host|
+            host.ips.each do |v, ip|
+              hg_rule = new_rule.dup
+              hg_rule.description += " (#{host.name} via #{host_group.name})"
+              hg_rule.rule.gsub!(host_group.name.to_s, ip)
+              hg_rule.versions = [v]
+              rules << hg_rule
+            end
+          end
         else
-          "{{#{$1}}}"
+          rules << new_rule
         end
       end
-      new_rule.action = rule.action
-      new_rule.conditions = rule.conditions | self.conditions
-      if v = (self.options[:v] || self.options[:version])
-        new_rule.versions = [v.to_i]
-      end
-      new_rule
     end
 
   end

data/lib/riptables/version.rb

@@ -1,3 +1,3 @@
 module Riptables
-  VERSION = '1.0.2'
+  VERSION = '1.1.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: riptables
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.1.0
 platform: ruby
 authors:
 - Adam Cooke
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-21 00:00:00.000000000 Z
+date: 2015-08-13 00:00:00.000000000 Z
 dependencies: []
 description: 'An Ruby DSL for generating iptables configuration. '
 email:
@@ -27,9 +27,12 @@ files:
 - lib/riptables/condition.rb
 - lib/riptables/dsl/base.rb
 - lib/riptables/dsl/global.rb
+- lib/riptables/dsl/host_group.rb
 - lib/riptables/dsl/rule.rb
 - lib/riptables/dsl/table.rb
 - lib/riptables/error.rb
+- lib/riptables/host.rb
+- lib/riptables/host_group.rb
 - lib/riptables/role_condition.rb
 - lib/riptables/rule.rb
 - lib/riptables/rule_permutation.rb
@@ -60,9 +63,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: An Ruby DSL for generating iptables configuration.
 test_files: []
-has_rdoc: