class IpWrangler::Iptables
Public Class Methods
new(chain_name, logger)
# File lib/ip_wrangler/iptables.rb, line 8
#
# Keeps the chain-name prefix and the logger on the instance.
#
# chain_name:: prefix the other methods on this page extend with "_PRE" and
#              "_POST" to name the nat-table chains they touch. It is
#              interpolated into command lines as given.
#              NOTE(review): presumably a fixed, trusted value - confirm.
# logger::     stored as @logger; none of the methods shown here write to it.
def initialize(chain_name, logger)
  @chain_name, @logger = chain_name, logger
end
Public Instance Methods
append_nat_ip(public_ip, private_ip)
# File lib/ip_wrangler/iptables.rb, line 40
#
# Adds the DNAT/SNAT rule pair for a one-to-one address mapping, each only
# when the preceding check command reports the rule as missing.
#
# The DNAT rule goes to "<chain_name>_PRE", the SNAT rule to
# "<chain_name>_POST", both in the 'nat' table.
#
# The decision to append reads $? straight after the check command, and only
# an exit status of exactly 1 triggers the append. Any other non-zero status
# from the check therefore skips the append without reporting anything.
# NOTE(review): this relies on execute leaving the checked command's status in
# $?, and the check and the append are two separate commands - confirm both
# are acceptable for concurrent callers.
def append_nat_ip(public_ip, private_ip)
  dnat, snat = rule_nat_ip(public_ip, private_ip)
  pre_chain = "#{@chain_name}_PRE"
  post_chain = "#{@chain_name}_POST"

  execute(Command.check_rule(pre_chain, 'nat', dnat))
  execute(Command.append_rule(pre_chain, 'nat', dnat)) if $?.exitstatus == 1

  execute(Command.check_rule(post_chain, 'nat', snat))
  execute(Command.append_rule(post_chain, 'nat', snat)) if $?.exitstatus == 1
end
append_nat_port(public_ip, public_port, private_ip, private_port, protocol)
# File lib/ip_wrangler/iptables.rb, line 31
#
# Adds the DNAT rule for a single forwarded port to "<chain_name>_PRE" in the
# 'nat' table, but only when the preceding check command reports it missing.
#
# The append runs only if $?.exitstatus is exactly 1 after the check. Any
# other non-zero status leaves the rule unappended and is not reported.
# NOTE(review): this relies on execute leaving the checked command's status in
# $? - confirm against IpWrangler::Exec.
def append_nat_port(public_ip, public_port, private_ip, private_port, protocol)
  pre_chain = "#{@chain_name}_PRE"
  dnat_rule = rule_nat_port(public_ip, public_port, private_ip, private_port, protocol)

  execute(Command.check_rule(pre_chain, 'nat', dnat_rule))
  execute(Command.append_rule(pre_chain, 'nat', dnat_rule)) if $?.exitstatus == 1
end
delete_nat_ip(public_ip, private_ip)
# File lib/ip_wrangler/iptables.rb, line 59
#
# Removes the DNAT/SNAT rule pair for a one-to-one address mapping: the DNAT
# rule from "<chain_name>_PRE" and the SNAT rule from "<chain_name>_POST".
#
# Both delete commands are built first and then passed to execute in one call.
# No existence check precedes the deletion and no exit status is examined.
# NOTE(review): delete_rule_spec is called as (chain, rule, table), whereas
# check_rule/append_rule on this page take (chain, table, rule) - confirm that
# matches Command's signatures.
def delete_nat_ip(public_ip, private_ip)
  dnat, snat = rule_nat_ip(public_ip, private_ip)
  removals = [
    Command.delete_rule_spec("#{@chain_name}_PRE", dnat, 'nat'),
    Command.delete_rule_spec("#{@chain_name}_POST", snat, 'nat')
  ]
  execute(*removals)
end
delete_nat_port(public_ip, public_port, private_ip, private_port, protocol)
# File lib/ip_wrangler/iptables.rb, line 53
#
# Removes the DNAT rule for a single forwarded port from "<chain_name>_PRE"
# in the 'nat' table.
#
# The rule is rebuilt from the arguments with rule_nat_port, so all five
# values must equal those used when the rule was added. No existence check
# precedes the deletion and no exit status is examined.
def delete_nat_port(public_ip, public_port, private_ip, private_port, protocol)
  dnat_rule = rule_nat_port(public_ip, public_port, private_ip, private_port, protocol)
  removal = Command.delete_rule_spec("#{@chain_name}_PRE", dnat_rule, 'nat')
  execute(removal)
end
execute(*commands)
# File lib/ip_wrangler/iptables.rb, line 83
#
# Runs each given command, in order, through
# IpWrangler::Exec.execute_iptables_command and returns the commands array.
#
# Every command is converted to a String by interpolation before it is handed
# over. Nothing is validated or quoted here, and the helper's result is
# discarded.
# NOTE(review): if execute_iptables_command goes through a shell, the values
# that make up each command must be validated before they reach this method -
# confirm against IpWrangler::Exec.
def execute(*commands)
  commands.each { |cmd| IpWrangler::Exec.execute_iptables_command("#{cmd}") }
end
not_exists_nat_ip?(public_ip, _)
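# File lib/ip_wrangler/iptables.rb, line 75
#
# Returns true when listing "<chain_name>_PRE" in the nat table yields no line
# whose 9th column (the destination column in the usual `iptables -n -v -L`
# layout) is +public_ip+. The second argument is ignored.
#
# The lookup is a shell pipeline (iptables | awk | grep) passed as one string
# to IpWrangler::Exec.execute_command, so +public_ip+ ends up inside a shell
# command line. Before interpolation the value is
# * escaped for grep, so "." matches only a literal dot, and
# * escaped for the surrounding single quotes, so a "'" in the value cannot
#   end the quoted pattern.
# The pattern also ends with the space awk prints after column 9, so
# "10.0.0.1" no longer matches a rule for "10.0.0.10".
#
# This is escaping only: the value is not checked to be a well-formed address
# (a newline in it would still split the grep pattern), so callers should
# validate it. $iptables_bin_path, $awk_bin_path, $grep_bin_path and
# @chain_name are interpolated unquoted.
# NOTE(review): presumably those come from trusted configuration - confirm.
def not_exists_nat_ip?(public_ip, _)
  grep_literal = lambda do |value|
    value.to_s
         .gsub(/[.\[\]*^$\\]/) { |ch| "\\#{ch}" } # grep basic-regex metacharacters
         .gsub("'") { "'\\''" }                   # close quote, literal ', reopen
  end

  command = [
    "#{$iptables_bin_path} -t nat -n -v -L #{@chain_name}_PRE",
    "#{$awk_bin_path} '{print $9, $10}'",
    "#{$grep_bin_path} -i '^#{grep_literal.call(public_ip)} '"
  ].join(' | ')

  IpWrangler::Exec.execute_command(command).empty?
end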
not_exists_nat_port?(public_ip, public_port, protocol, _, _)
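# File lib/ip_wrangler/iptables.rb, line 67
#
# Returns true when listing "<chain_name>_PRE" in the nat table yields no line
# whose columns 9-11 read "<public_ip> <protocol> dpt:<public_port>". The last
# two arguments are ignored.
#
# The lookup is a shell pipeline (iptables | awk | grep) passed as one string
# to IpWrangler::Exec.execute_command, so the three values end up inside a
# shell command line. Before interpolation each value is
# * escaped for grep, so "." matches only a literal dot, and
# * escaped for the surrounding single quotes, so a "'" in a value cannot end
#   the quoted pattern.
# The pattern also ends with the space awk prints after column 11, so port 80
# no longer matches a rule for port 8080.
#
# This is escaping only: the values are not checked to be a well-formed
# address, protocol or port (a newline would still split the grep pattern),
# so callers should validate them. $iptables_bin_path, $awk_bin_path,
# $grep_bin_path and @chain_name are interpolated unquoted.
# NOTE(review): presumably those come from trusted configuration - confirm.
def not_exists_nat_port?(public_ip, public_port, protocol, _, _)
  grep_literal = lambda do |value|
    value.to_s
         .gsub(/[.\[\]*^$\\]/) { |ch| "\\#{ch}" } # grep basic-regex metacharacters
         .gsub("'") { "'\\''" }                   # close quote, literal ', reopen
  end

  pattern = "^#{grep_literal.call(public_ip)} #{grep_literal.call(protocol)} " \
            "dpt:#{grep_literal.call(public_port)} "

  command = [
    "#{$iptables_bin_path} -t nat -n -v -L #{@chain_name}_PRE",
    "#{$awk_bin_path} '{print $9, $10, $11, $12}'",
    "#{$grep_bin_path} -i '#{pattern}'"
  ].join(' | ')

  IpWrangler::Exec.execute_command(command).empty?
end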
rule_nat_ip(public_ip, private_ip)
# File lib/ip_wrangler/iptables.rb, line 21
#
# Builds the rule pair for a one-to-one address mapping and returns it as
# [dnat_rule, snat_rule].
#
# dnat_rule: destination public_ip, jump DNAT, to-destination private_ip.
# snat_rule: source private_ip, jump SNAT, to public_ip.
#
# Both addresses are handed to the Parameter helpers unchanged. Nothing is
# validated here.
# NOTE(review): whether Parameter validates or quotes its argument is not
# visible on this page - confirm before passing request-supplied values.
def rule_nat_ip(public_ip, private_ip)
  dnat = [
    Parameter.destination(public_ip),
    Parameter.jump('DNAT'),
    Parameter.to_destination(private_ip)
  ]
  snat = [
    Parameter.source(private_ip),
    Parameter.jump('SNAT'),
    Parameter.to(public_ip)
  ]
  [dnat, snat]
end
rule_nat_port(public_ip, public_port, private_ip, private_port, protocol)
# File lib/ip_wrangler/iptables.rb, line 13
#
# Builds the DNAT rule for a single forwarded port as an array of Parameter
# values: destination public_ip, protocol, destination port public_port,
# jump DNAT, to-destination "private_ip:private_port".
#
# All five values are passed on unchanged. Nothing is validated here.
# NOTE(review): whether Parameter validates or quotes its argument is not
# visible on this page - confirm before passing request-supplied values.
def rule_nat_port(public_ip, public_port, private_ip, private_port, protocol)
  target = "#{private_ip}:#{private_port}"
  [
    Parameter.destination(public_ip),
    Parameter.protocol(protocol),
    Parameter.destination_port(public_port),
    Parameter.jump('DNAT'),
    Parameter.to_destination(target)
  ]
end