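# Prints one AWS security group's ingress rules as a plain-text audit table.
#
# Every rule source (a CIDR range or a referenced security group) is looked up
# in KNOWN_SOURCES. A source that is not listed is printed as "???" so that
# unrecognised access stands out when the report is read.
class SecurityGroup
  # Service names for well-known port pairs, keyed by "<from>_<to>".
  SERVICE_NAMES = {
    "-1_-1" => "ALL",
    "22_22" => "SSH",
    "4040_4040" => "CHEF",
    "443_443" => "SSL",
    "8080_8080" => "NGINX",
    "1194_1194" => "OPENVPN",
    "28017_28017" => "MONGO WEB",
    "4000_4000" => "WEINRE",
    "27017_27017" => "MONGO DB"
  }.freeze

  # Labels for the rule sources this report recognises (CIDR ranges and
  # security group names share one table).
  #
  # NOTE(review): a label only explains who a source is. "0.0.0.0/0" is
  # labelled, so a rule open to the whole IPv4 range is never shown as "???";
  # whether that exposure is acceptable for a given port still has to be
  # judged by the reader.
  # NOTE(review): the "VSR Security Audit" entries look tied to a time-limited
  # engagement; confirm they are still wanted, since they stay "known" until
  # removed here.
  KNOWN_SOURCES = {
    "0.0.0.0/0" => "Entire IPv4 address range",
    "64.206.121.41/32" => "Boston Office",
    "63.252.33.194/32" => "Andover DC",
    "63.252.33.198/32" => "Andover DC",
    "63.252.33.193/32" => "Andover DC",
    "64.152.208.0/24" => "Boston DC (Arctic)",
    "64.152.208.10/32" => "Boston DC (Arctic)",
    "64.74.101.10/32" => "Artic VPN (zuul)",
    "64.74.101.0/24" => "Somerville DC (Falkland)",
    "8.19.200.0/24" => "Chicago DC (Baltic)",
    "66.150.102.0/24" => "Chicago DC (Baltic)",
    "79.125.13.169/32" => "Ireland DC (Celtic)",
    "79.125.7.55/32" => "Ireland DC (Celtic)",
    "71.192.85.56/32" => "VSR Security Audit",
    "209.67.252.64/29" => "VSR Security Audit",
    "209.67.252.8/29" => "VSR Security Audit",
    "71.193.193.43/32" => "VSR Security Audit",
    "75.144.181.200/29" => "VSR Security Audit",
    "75.101.156.249/32" => "Mongo MMS Service",
    "default" => "Default Security Group",
    "private_web" => "Private Web Security Group",
    "db_servers" => "MongoDB Security Group"
  }.freeze

  # Marker printed in the "what?" column for a source missing from KNOWN_SOURCES.
  UNKNOWN_SOURCE = "???".freeze

  # Column layout of one table row: port, service, type, ip/sg, what?
  ROW_FORMAT = " %-20s %-9s %-6s %-27s %-10s".freeze

  SEPARATOR = "--------------------------------------------------------------------------------".freeze

  attr_reader :group_name, :aws_perms

  # @param data [Hash] must provide :aws_group_name and :aws_perms; each
  #   permission is read via :from_port, :to_port, :protocol, :groups and
  #   :ip_ranges (see #to_s).
  def initialize(data)
    @group_name = data[:aws_group_name]
    @aws_perms = data[:aws_perms]
  end

  # Formats a port pair for display.
  #
  # @param from [String, Integer] first port, or -1 for "all"
  # @param to [String, Integer] last port
  # @return [String] "ALL", a single port, or "from - to"
  def port_range(from, to)
    # Compare as text so an Integer -1 is treated like the String "-1",
    # matching how #services builds its lookup key.
    return 'ALL' if from.to_s == "-1"
    return from.to_s if from == to

    "#{from} - #{to}"
  end

  # Looks up the service name for a port pair.
  #
  # @return [String] the name from SERVICE_NAMES, or "" when the pair is unknown
  def services(from, to)
    SERVICE_NAMES["#{from}_#{to}"] || ""
  end

  # Prints the audit table for this group to standard output.
  #
  # Despite its name this method does not build a String: it writes the table
  # with puts and returns nil, which existing callers rely on.
  #
  # @return [nil]
  def to_s
    puts group_name
    puts SEPARATOR
    puts "|port | service | type | ip/sg | what? |"
    puts SEPARATOR

    Array(aws_perms).each do |perm|
      ports = port_range(perm[:from_port], perm[:to_port])
      service = services(perm[:from_port], perm[:to_port])

      # Referenced security groups first, then CIDR ranges. A missing list is
      # treated as empty instead of raising on nil.
      sources = Array(perm[:groups]).map { |group| group[:group_name] } +
                Array(perm[:ip_ranges]).map { |range| range[:cidr_ip] }

      sources.each do |source|
        # Unrecognised groups are flagged the same way as unrecognised CIDRs;
        # the group row used to pass "???" as a surplus sprintf argument, so
        # unknown groups were printed with an empty "what?" column.
        puts format(ROW_FORMAT, ports, service, perm[:protocol], source,
                    KNOWN_SOURCES[source] || UNKNOWN_SOURCE)
      end
    end

    puts ""
  end
end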