wafoo 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +8 -0
- data/README.md +2 -2
- data/lib/wafoo/helper.rb +9 -0
- data/lib/wafoo/run.rb +52 -42
- data/lib/wafoo/version.rb +1 -1
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 97e1e0c5dc2c41f2401ee42d05cc463930528ef6fe5aaf2319784b1c1ce80408
|
4
|
+
data.tar.gz: dfcfaccc4bdc7a0bcab036c8fb42ef0cf186f02ca3194b3a2bd8819ce1728da7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5206bc7e5396b5b11fb2561c6167142d23e7fc229b82afeb8dd2027bc9a51fd2b6ec613d4b2f663728c33f1db917d9c8c010055906b30efe13b65579e8647aeb
|
7
|
+
data.tar.gz: 11e38af3dfa03a5c4da6785d7928560b1a3d719e952d7b35a584fa386e9c0e4d5449ffcad97122d0c536b23be086767cfcd3a28b88995a33f89c1bf6bc4a0a5b
|
data/.travis.yml
ADDED
data/README.md
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# wafoo
|
1
|
+
# wafoo [](https://travis-ci.org/inokappa/wafoo) [](https://badge.fury.io/rb/wafoo)
|
2
2
|
|
3
3
|
## これなに
|
4
4
|
|
@@ -68,4 +68,4 @@ $ bundle exec wafoo apply --ip-set-id=${IPSet ID} --dry-run
|
|
68
68
|
|
69
69
|
```sh
|
70
70
|
$ bundle exec wafoo apply --ip-set-id=${IPSet ID}
|
71
|
-
```
|
71
|
+
```
|
data/lib/wafoo/helper.rb
CHANGED
@@ -6,10 +6,19 @@ module Wafoo
|
|
6
6
|
puts table
|
7
7
|
end
|
8
8
|
|
9
|
+
def split_cidr(ipset)
|
10
|
+
addr = NetAddr::CIDR.create(ipset)
|
11
|
+
addr.enumerate
|
12
|
+
end
|
13
|
+
|
9
14
|
def added_print(message)
|
10
15
|
"\e[32m" + message + "\e[0m"
|
11
16
|
end
|
12
17
|
|
18
|
+
def info_print(message)
|
19
|
+
"\e[36m" + message + "\e[0m"
|
20
|
+
end
|
21
|
+
|
13
22
|
def removed_print(message)
|
14
23
|
"\e[31m" + message + "\e[0m"
|
15
24
|
end
|
data/lib/wafoo/run.rb
CHANGED
@@ -57,29 +57,33 @@ module Wafoo
|
|
57
57
|
|
58
58
|
def export_ipsets(ip_set_id)
|
59
59
|
ipsets = read_ipsets_from_api(ip_set_id)
|
60
|
-
|
60
|
+
puts 'Exporting IP List...'
|
61
|
+
ipsets.sort.each { |ipset| puts info_print(ipset) }
|
61
62
|
File.open(ip_set_id, 'w') do |f|
|
62
63
|
ipsets.sort.each { |ipset| f.puts(ipset) }
|
63
64
|
end
|
65
|
+
puts 'Exported to ' + added_print(ip_set_id)
|
64
66
|
end
|
65
67
|
|
66
68
|
def apply_ipsets(ipsets, ip_set_id)
|
67
69
|
waf = @regional ? @waf_regional : @waf
|
70
|
+
puts 'Applying IP List...'
|
68
71
|
change_token = waf.get_change_token.change_token
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
72
|
+
begin
|
73
|
+
waf.update_ip_set(
|
74
|
+
ip_set_id: ip_set_id,
|
75
|
+
change_token: change_token,
|
76
|
+
updates: ipsets
|
77
|
+
)
|
78
|
+
puts 'Apply Finished.'
|
79
|
+
rescue => ex
|
80
|
+
puts 'Apply Error ' + ex.message
|
81
|
+
end
|
79
82
|
end
|
80
83
|
|
81
84
|
def generate_delete_hash(ipset)
|
82
85
|
ipset.slice!(0)
|
86
|
+
# p ipset
|
83
87
|
h = {
|
84
88
|
action: 'DELETE',
|
85
89
|
ip_set_descriptor: {
|
@@ -88,20 +92,20 @@ module Wafoo
|
|
88
92
|
}
|
89
93
|
}
|
90
94
|
|
91
|
-
unless %w(8 16 24 33).include?(ipset.split('/').last)
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
end
|
95
|
+
# unless %w(8 16 24 33).include?(ipset.split('/').last)
|
96
|
+
# ips = split_cidr(ipset)
|
97
|
+
# ipsets_array = []
|
98
|
+
# ips.each do |ip|
|
99
|
+
# ipsets_array << {
|
100
|
+
# action: 'DELETE',
|
101
|
+
# ip_set_descriptor: {
|
102
|
+
# type: 'IPV4',
|
103
|
+
# value: ip + '/32'
|
104
|
+
# }
|
105
|
+
# }
|
106
|
+
# end
|
107
|
+
# return ipsets_array
|
108
|
+
# end
|
105
109
|
|
106
110
|
ipsets_hash = {
|
107
111
|
action: 'DELETE',
|
@@ -115,20 +119,20 @@ module Wafoo
|
|
115
119
|
|
116
120
|
def generate_insert_hash(ipset)
|
117
121
|
ipset.slice!(0)
|
118
|
-
unless %w(8 16 24 33).include?(ipset.split('/').last)
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
end
|
122
|
+
# unless %w(8 16 24 33).include?(ipset.split('/').last)
|
123
|
+
# ips = split_cidr(ipset)
|
124
|
+
# ipsets_array = []
|
125
|
+
# ips.each do |ip|
|
126
|
+
# ipsets_array << {
|
127
|
+
# action: 'INSERT',
|
128
|
+
# ip_set_descriptor: {
|
129
|
+
# type: 'IPV4',
|
130
|
+
# value: ip + '/32'
|
131
|
+
# }
|
132
|
+
# }
|
133
|
+
# end
|
134
|
+
# return ipsets_array
|
135
|
+
# end
|
132
136
|
|
133
137
|
ipsets_hash = {
|
134
138
|
action: 'INSERT',
|
@@ -147,17 +151,23 @@ module Wafoo
|
|
147
151
|
Diffy::Diff.new(_old, _new).each do |line|
|
148
152
|
case line
|
149
153
|
when /^\+/ then
|
150
|
-
puts added_print(line.chomp)
|
154
|
+
puts 'Add Line: ' + added_print(line.chomp)
|
151
155
|
ipsets << generate_insert_hash(line.chomp)
|
152
156
|
when /^-/ then
|
153
|
-
puts removed_print(line.chomp)
|
157
|
+
puts 'Remove Line: ' + removed_print(line.chomp)
|
154
158
|
ipsets << generate_delete_hash(line.chomp)
|
155
159
|
end
|
156
160
|
end
|
157
161
|
|
158
|
-
if dry_run
|
162
|
+
if !dry_run and ipsets.length > 0 then
|
159
163
|
apply_ipsets(ipsets.flatten, ip_set_id)
|
160
164
|
export_ipsets(ip_set_id)
|
165
|
+
elsif dry_run and ipsets.length > 0 then
|
166
|
+
puts 'Above IP list will be changed.'
|
167
|
+
exit 0
|
168
|
+
else
|
169
|
+
puts 'No IP list changed.'
|
170
|
+
exit 0
|
161
171
|
end
|
162
172
|
end
|
163
173
|
end
|
data/lib/wafoo/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: wafoo
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- inokappa
|
@@ -159,6 +159,7 @@ extensions: []
|
|
159
159
|
extra_rdoc_files: []
|
160
160
|
files:
|
161
161
|
- ".gitignore"
|
162
|
+
- ".travis.yml"
|
162
163
|
- Gemfile
|
163
164
|
- README.md
|
164
165
|
- Rakefile
|