now supports chain, protocol, src, dst, dport, sport, sudo args

pkrumins · Apr 1, 2011 · 9da63cc · 9da63cc
1 parent 65cdbc1
commit 9da63cc
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/index.js b/index.js
@@ -0,0 +1,34 @@
+var spawn = require('process').spawn;
+
+exports.allow = function (rule) {
+    rule.target = 'ACCEPT';
+    iptables(rule);
+}
+
+exports.deny = function (rule) {
+    rule.target = 'DROP';
+    iptables(rule);
+}
+
+function iptables (rule) {
+    var cmd = 'iptables';
+    var args = [];
+
+    if (rule.chain) args = args.concat(["-I", rule.chain]);
+    if (rule.protocol) args = args.concat(["-p", rule.protocol]);
+    if (rule.src) args = args.concat(["--src", rule.src]);
+    if (rule.dst) args = args.concat(["--dst", rule.dst]);
+    if (rule.dport) args = args.concat(["--dport", rule.dport]);
+    if (rule.sport) args = args.concat(["--sport", rule.sport]);
+
+    if (rule.sudo) {
+        cmd = 'sudo';
+        args = ['iptables'].concat(args);
+    }
+
+    var proc = spawn(cmd, args);
+    proc.stderr.on('data', function (buf) {
+        console.error(buf.toString());
+    });
+}
+