class IpWrangler::NAT

Public Class Methods

new(config, logger)
# File lib/ip_wrangler/nat.rb, line 5
# Builds the NAT manager and replays every mapping stored in the database
# into iptables, so the rule set matches the stored state after a restart.
#
# @param config [#[]] settings; 'db_path' is read here
# @param logger [Object] handed unchanged to both DB and Iptables
def initialize(config, logger)
  @logger = logger
  @config = config
  @db = DB.new(config['db_path'], logger)
  # NOTE(review): the chain name is read from the global $config, while
  # 'db_path' above comes from the `config` argument. If the two can differ,
  # rules may land in a chain the caller did not intend -- confirm.
  @iptables = Iptables.new($config['iptables_chain_name'], logger)

  # Stored rows are passed to iptables as they are; nothing in this method
  # validates them, so the database file is trusted input here.
  port_fields = [:public_ip, :public_port, :private_ip, :private_port, :protocol]
  @db.select_nat_port.each do |mapping|
    @iptables.append_nat_port(*port_fields.map { |field| mapping[field] })
  end

  @db.select_nat_ip.each do |mapping|
    @iptables.append_nat_ip(mapping[:public_ip], mapping[:private_ip])
  end
end

Public Instance Methods

find_ip(private_ip)
# File lib/ip_wrangler/nat.rb, line 46
# Proposes a public IP that could be mapped onto +private_ip+.
#
# Only the first empty entry reported by the database is considered; it is
# returned when lsof shows it unused and iptables has no matching rule yet.
# Nothing is reserved here, so the answer can be stale by the time the
# caller inserts the mapping.
#
# @param private_ip [String] internal address the mapping is wanted for
# @return [String, nil] the candidate public IP, or nil when none qualifies
def find_ip(private_ip)
  candidate = @db.get_first_empty_nat_ip
  return nil unless candidate

  public_ip = candidate[:public_ip]
  available = not_used_ip?(public_ip) &&
              @iptables.not_exists_nat_ip?(public_ip, private_ip)
  available ? public_ip : nil
end
find_port(private_ip, private_port, protocol)
# File lib/ip_wrangler/nat.rb, line 33
# Proposes a public endpoint that could forward to +private_ip+:+private_port+.
#
# The public address is always @config['port_ip']; only the port comes from
# the database. The pair is returned when lsof shows it unused and iptables
# has no matching rule yet. Nothing is reserved here.
#
# @param private_ip [String] internal address
# @param private_port [Integer, String] internal port
# @param protocol [String] passed to the database lookup, lsof and iptables
# @return [Array, nil] [public_ip, public_port], or nil when none qualifies
def find_port(private_ip, private_port, protocol)
  candidate = @db.get_first_empty_nat_port(protocol)
  return nil unless candidate

  public_port = candidate[:public_port]
  public_ip = @config['port_ip']
  available = not_used_port?(public_ip, public_port, protocol) &&
              @iptables.not_exists_nat_port?(public_ip, public_port,
                                             protocol, private_ip, private_port)
  available ? [public_ip, public_port] : nil
end
get_nat_ips(private_ip = nil)
# File lib/ip_wrangler/nat.rb, line 62
# Returns the stored IP mappings, as produced by DB#select_nat_ip.
#
# @param private_ip [String, nil] forwarded to the database as the filter;
#   presumably nil means "all mappings" -- that is decided in DB, confirm there
# @return [Object] whatever DB#select_nat_ip returns
def get_nat_ips(private_ip = nil)
  ip_mappings = @db.select_nat_ip(private_ip)
  ip_mappings
end
get_nat_ports(private_ip = nil)
# File lib/ip_wrangler/nat.rb, line 58
# Returns the stored port mappings, as produced by DB#select_nat_port.
#
# @param private_ip [String, nil] forwarded to the database as the filter;
#   presumably nil means "all mappings" -- that is decided in DB, confirm there
# @return [Object] whatever DB#select_nat_port returns
def get_nat_ports(private_ip = nil)
  port_mappings = @db.select_nat_port(private_ip)
  port_mappings
end
lock_ip(private_ip)
# File lib/ip_wrangler/nat.rb, line 87
# Returns the public IP mapped to +private_ip+, creating the mapping if the
# database has none.
#
# An existing mapping is returned as stored (first row only). Otherwise a
# candidate from find_ip is written to the database and then to iptables.
#
# NOTE(review): lookup, find_ip and insert are separate steps with no lock
# visible in this method, and the database row is written before the iptables
# rule. Whether concurrent callers or a failed append can leave the two out
# of step depends on DB and Iptables -- confirm.
#
# @param private_ip [String] internal address to map
# @return [Hash, nil] { public_ip:, private_ip: }, or nil when no public IP
#   could be found
def lock_ip(private_ip)
  existing = @db.select_nat_ip(private_ip)
  unless existing.empty?
    stored = existing.to_a.first
    return { public_ip: stored[:public_ip], private_ip: private_ip }
  end

  public_ip = find_ip(private_ip)
  return nil unless public_ip

  @db.insert_nat_ip(public_ip, private_ip)
  @iptables.append_nat_ip(public_ip, private_ip)
  { public_ip: public_ip, private_ip: private_ip }
end
lock_port(private_ip, private_port, protocol)
# File lib/ip_wrangler/nat.rb, line 66
# Returns the public endpoint forwarding to +private_ip+:+private_port+,
# creating the mapping if the database has none.
#
# An existing mapping is returned as stored (first row only). Otherwise a
# candidate from find_port is written to the database and then to iptables.
#
# NOTE(review): lookup, find_port and insert are separate steps with no lock
# visible in this method, and the database row is written before the iptables
# rule. Whether concurrent callers or a failed append can leave the two out
# of step depends on DB and Iptables -- confirm.
#
# @param private_ip [String] internal address
# @param private_port [Integer, String] internal port
# @param protocol [String] protocol of the forwarded port
# @return [Hash, nil] the mapping, or nil when no public endpoint was found
def lock_port(private_ip, private_port, protocol)
  existing = @db.select_nat_port(private_ip, private_port, protocol)
  unless existing.empty?
    stored = existing.to_a.first
    return { public_ip: stored[:public_ip], public_port: stored[:public_port],
             private_ip: private_ip, private_port: private_port,
             protocol: stored[:protocol] }
  end

  public_ip, public_port = find_port(private_ip, private_port, protocol)
  return nil unless public_ip && public_port

  @db.insert_nat_port(public_ip, public_port,
                      private_ip, private_port, protocol)
  @iptables.append_nat_port(public_ip, public_port,
                            private_ip, private_port, protocol)
  { public_ip: public_ip, public_port: public_port,
    private_ip: private_ip, private_port: private_port,
    protocol: protocol }
end
not_used_ip?(public_ip)
# File lib/ip_wrangler/nat.rb, line 27
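# Reports whether lsof shows no open network file on +public_ip+.
#
# The address is interpolated into a command string, so it is checked first:
# only letters, digits, '.', ':', '[', ']', '_' and '-' are accepted. Anything
# else (whitespace, shell metacharacters, an empty value) is answered with
# false without running a command, which makes callers treat the address as
# unavailable rather than passing it on.
#
# NOTE(review): empty lsof output is read as "unused"; if execute_command
# returns an empty string when lsof itself fails, that failure would also
# read as "unused" -- confirm how errors are reported.
#
# @param public_ip [String] address to probe
# @return [Boolean] true when lsof printed nothing for the address
def not_used_ip?(public_ip)
  address = public_ip.to_s
  return false if address !~ /\A[0-9A-Za-z.:\[\]_-]+\z/

  command = "#{$lsof_bin_path} -i @#{address}"
  IpWrangler::Exec.execute_command(command).empty?
end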
not_used_port?(public_ip, public_port, protocol)
# File lib/ip_wrangler/nat.rb, line 21
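# Reports whether lsof shows no open network file on the given endpoint.
#
# All three values are interpolated into a command string, and +protocol+
# reaches this method from the arguments of find_port, so each one is checked
# first. The address may contain letters, digits, '.', ':', '[', ']', '_' and
# '-'; the port letters, digits, '_' and '-'; the protocol letters and digits
# only (it may be empty). A value outside those sets is answered with false
# without running a command, so callers treat the endpoint as unavailable.
#
# NOTE(review): empty lsof output is read as "unused"; if execute_command
# returns an empty string when lsof itself fails, that failure would also
# read as "unused" -- confirm how errors are reported.
#
# @param public_ip [String] address to probe
# @param public_port [Integer, String] port to probe
# @param protocol [String, nil] protocol prefix for lsof's -i selector
# @return [Boolean] true when lsof printed nothing for the endpoint
def not_used_port?(public_ip, public_port, protocol)
  address = public_ip.to_s
  port = public_port.to_s
  proto = protocol.to_s
  return false if address !~ /\A[0-9A-Za-z.:\[\]_-]+\z/
  return false if port !~ /\A[0-9A-Za-z_-]+\z/
  return false if proto !~ /\A[0-9A-Za-z]*\z/

  command = "#{$lsof_bin_path} -i #{proto}@#{address}:#{port}"
  IpWrangler::Exec.execute_command(command).empty?
end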
release_ip(private_ip, public_ip = nil)
# File lib/ip_wrangler/nat.rb, line 120
# Removes the IP mappings selected by the arguments.
#
# Each selected row has its iptables rule deleted first; the database rows
# are deleted afterwards in one call with the same filter.
#
# NOTE(review): how a nil +public_ip+ filters is decided in DB, not here --
# presumably it selects every mapping of +private_ip+; confirm before
# exposing this to callers that should only release their own address.
#
# @param private_ip [String] internal address whose mappings are released
# @param public_ip [String, nil] optional filter forwarded to the database
# @return [Array<Hash>] one { public_ip: } entry per removed iptables rule
def release_ip(private_ip, public_ip = nil)
  removed = []
  @db.select_nat_ip(private_ip, public_ip).each do |mapping|
    mapped_ip = mapping[:public_ip]
    @iptables.delete_nat_ip(mapped_ip, mapping[:private_ip])
    removed << { public_ip: mapped_ip }
  end
  @db.delete_nat_ip(private_ip, public_ip)
  removed
end
release_port(private_ip, private_port = nil, protocol = nil)
# File lib/ip_wrangler/nat.rb, line 104
# Removes the port mappings selected by the arguments.
#
# Each selected row has its iptables rule deleted first; the database rows
# are deleted afterwards in one call with the same filter.
#
# NOTE(review): how nil +private_port+ / +protocol+ filter is decided in DB,
# not here -- presumably they select every port mapping of +private_ip+;
# confirm before exposing this to callers that should only release their own
# mapping.
#
# @param private_ip [String] internal address whose mappings are released
# @param private_port [Integer, String, nil] optional filter
# @param protocol [String, nil] optional filter
# @return [Array<Hash>] the removed mappings, one hash per iptables rule
def release_port(private_ip, private_port = nil, protocol = nil)
  removed = []
  @db.select_nat_port(private_ip, private_port, protocol).each do |mapping|
    rule = { public_ip: mapping[:public_ip],
             public_port: mapping[:public_port],
             private_ip: mapping[:private_ip],
             private_port: mapping[:private_port],
             protocol: mapping[:protocol] }
    @iptables.delete_nat_port(rule[:public_ip], rule[:public_port],
                              rule[:private_ip], rule[:private_port],
                              rule[:protocol])
    removed << rule
  end
  @db.delete_nat_port(private_ip, private_port, protocol)
  removed
end