
can now delete rules. renamed deny to drop. added reject

1 parent 19ad0b3 commit 50f523d5cf71bc8a0dd169aa94e88e64a53c72a0 @pkrumins committed Apr 1, 2011
Showing with 36 additions and 12 deletions.
  1. +36 −12 index.js
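--- a/index.js
+++ b/index.js
@@ -2,35 +2,59 @@ var spawn = require('child_process').spawn;
 exports.allow = function (rule) {
 rule.target = 'ACCEPT';
- iptables(rule);
+ newRule(rule);
 }
-exports.deny = function (rule) {
+exports.drop = function (rule) {
 rule.target = 'DROP';
- iptables(rule);
+ newRule(rule);
+}
+
+exports.reject = function (rule) {
+ rule.target = 'REJECT';
+ newRule(rule);
 }
+exports.newRule = newRule;
+exports.deleteRule = deleteRule;
+
 function iptables (rule) {
+ var args = iptablesArgs(rule);
+
 var cmd = 'iptables';
+ if (rule.sudo) {
+ cmd = 'sudo';
+ args = ['iptables'].concat(args);
+ }
+
+ var proc = spawn(cmd, args);
+ proc.stderr.on('data', function (buf) {
+ console.error(buf.toString());
+ });
+}
+
+function iptablesArgs (rule) {
 var args = [];
 if (!rule.chain) rule.chain = 'INPUT';
- if (rule.chain) args = args.concat(["-I", rule.chain]);
+ if (!rule.action) rule.action = '-A';
+ if (rule.chain) args = args.concat([rule.action, rule.chain]);
 if (rule.protocol) args = args.concat(["-p", rule.protocol]);
 if (rule.src) args = args.concat(["--src", rule.src]);
 if (rule.dst) args = args.concat(["--dst", rule.dst]);
 if (rule.dport) args = args.concat(["--dport", rule.dport]);
 if (rule.sport) args = args.concat(["--sport", rule.sport]);
- if (rule.sudo) {
- cmd = 'sudo';
- args = ['iptables'].concat(args);
- }
+ return args;
+}
- var proc = spawn(cmd, args);
- proc.stderr.on('data', function (buf) {
- console.error(buf.toString());
- });
+function newRule (rule) {
+ iptables(rule);
+}
+
+function deleteRule (rule) {
+ rule.action = '-D';
+ iptables(rule);
 }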
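Review bot: In `iptablesArgs`, the default for `rule.action` is now `-A` where the removed line used `-I`, so `drop` and `reject` rules are appended to the end of the chain and will not take effect for traffic that an earlier ACCEPT rule already matches; the commit message does not mention this change. `rule.action` is also read from the caller's object as-is, and `deleteRule` leaves `'-D'` on that object, so passing the same rule to `allow` or `drop` afterwards would issue a delete rather than an add. I would set the action explicitly in `newRule` (`rule.action = '-I';`, or `'-A'` if appending is intended) and have `iptablesArgs` refuse anything outside the expected set, e.g. `if (['-A', '-I', '-D'].indexOf(rule.action) === -1) throw new Error('unsupported action');`. Separately, `iptables()` only logs stderr and never looks at the exit status, so a caller cannot tell whether a rule was actually installed or removed.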
