Added support for modifying :short, :description and :target zone att…
…ributes
teclator committed Aug 29, 2018
1 parent 7a57294 commit 4aa8fbc
Showing 6 changed files with 75 additions and 35 deletions.
2 changes: 1 addition & 1 deletion library/network/src/lib/y2firewall/firewalld.rb
@@ -83,7 +83,7 @@ def initialize
# @return [Boolean] true
def read
return false unless installed?
@zones = ZoneParser.new(api.zones, api.list_all_zones).parse
@zones = ZoneParser.new(api.zones, api.list_all_zones(verbose: true)).parse
@log_denied_packets = api.log_denied_packets
@default_zone = api.default_zone
# The list of services is not read or initialized because takes time and
40 changes: 36 additions & 4 deletions library/network/src/lib/y2firewall/firewalld/api/zones.rb
@@ -73,15 +73,23 @@ def list_sources(zone, permanent: permanent?)
# @param permanent [Boolean] if true it adds the --permanent option the
# command to be executed
# @return [Array<String>] list of all information for given zone
def list_all(zone, permanent: permanent?)
string_command("--zone=#{zone}", "--list-all", permanent: permanent).split(" ")
def list_all(zone, permanent: permanent?, verbose: false)
if verbose
string_command("--zone=#{zone}", "--verbose", "--list-all", permanent: permanent).split(" ")
else
string_command("--zone=#{zone}", "--list-all", permanent: permanent).split(" ")
end
end

# @param permanent [Boolean] if true it adds the --permanent option the
# command to be executed
# @return [Array<String>] list of all information for all firewall zones
def list_all_zones(permanent: permanent?)
string_command("--list-all-zones", permanent: permanent).split("\n")
def list_all_zones(permanent: permanent?, verbose: false)
if verbose
string_command("--list-all-zones", "--verbose", permanent: permanent).split("\n")
else
string_command("--list-all-zones", permanent: permanent).split("\n")
end
end

### Interfaces ###
@@ -259,6 +267,30 @@ def remove_masquerade(zone)

run_command("--zone=#{zone}", "--remove-masquerade")
end

def short(zone)
string_command("--zone=#{zone}", "--get-short")
end

def short=(zone, short_description)
string_command("--zone=#{zone}", "--set-short=#{short_description}")
end

def description(zone)
string_command("--zone=#{zone}", "--get-description")
end

def description=(zone, long_description)
run_command("--zone=#{zone}", "--set-description=#{long_description}")
end

def target(zone)
string_command("--zone=#{zone}", "--get-target")
end

def target=(zone,target)
run_command("--zone=#{zone}", "--set-target=#{target}")
end
end
end
end
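Review bot: `short=` in the second hunk goes through `string_command` while `description=` and `target=` go through `run_command`, so the three setters presumably return different things for the same kind of operation; `run_command("--zone=#{zone}", "--set-short=#{short_description}")` would match the other two. None of the six new accessors passes `permanent:`, unlike `list_all` and `list_all_zones` in the first hunk, and firewall-cmd documents the short, description and target options as permanent-only, so check what the two helpers default to. `target=` sets how the zone treats packets that match no rule, so it is worth rejecting anything outside the documented values (`default`, `ACCEPT`, `DROP`, `REJECT`) before the argument is built, either here or in the Zone setter. The new methods also lack the `@param`/`@return` comments the rest of the file has.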
31 changes: 30 additions & 1 deletion library/network/src/lib/y2firewall/firewalld/relations.rb
@@ -31,6 +31,35 @@ def enable_modifications_cache
end
end

# @param attributes [Array<Symbol] relation or attribute names
def has_attribute(*attributes, cache: false)
define_method "attributes" do
attributes
end

attributes.each do |attribute|
attr_reader attribute

define_method "#{attribute}=" do |item|
instance_variable_set("@#{attribute}", item)

modified!(attribute) if cache
end

define_method "current_#{attribute}" do
api.public_send(attribute, name)
end
end

define_method "apply_attributes_changes!" do
attributes.each do |attribute|
next if cache && !modified?(attribute)
api.public_send("#{attribute}=", name, public_send(attribute))
end
true
end
end

# Defines a set of methods to operate over array based firewalld
# attributes like services, interfaces, protocols, ports... Bang! methods
# applies the object modifications into the firewalld zone using the
@@ -83,7 +112,7 @@ def enable_modifications_cache
# # Apply all the relations changes
# zone.apply_relations_changes!
#
# @param args [Array<Symbol] relation or attribute names
# @param relations [Array<Symbol] relation or attribute names
def has_many(*relations, scope: nil, cache: false) # rubocop:disable Style/PredicateName
scope = "#{scope}_" if scope
enable_modifications_cache if cache
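Review bot: `has_attribute` in the first hunk calls `modified!(attribute)` and `modified?(attribute)` when `cache` is true but never runs `enable_modifications_cache`, which `has_many` does as `enable_modifications_cache if cache` (second hunk; its body continues outside it). A class that declares only `has_attribute ..., cache: true` would then depend on some other macro having set the cache up, presumably failing with NoMethodError otherwise; adding `enable_modifications_cache if cache` as the first line of `has_attribute` removes that ordering dependency. Each call also redefines `attributes` with only its own list, so a second `has_attribute` in the same class would hide the first set from `attributes`. The doc comment needs a closing bracket, `Array<Symbol>`, and the method probably needs the same `# rubocop:disable Style/PredicateName` that `has_many` carries.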
28 changes: 2 additions & 26 deletions library/network/src/lib/y2firewall/firewalld/zone.rb
@@ -33,24 +33,12 @@ class Zone

textdomain "base"

# Map of known zone names and description
KNOWN_ZONES = {
"block" => N_("Block Zone"),
"dmz" => N_("Demilitarized Zone"),
"drop" => N_("Drop Zone"),
"external" => N_("External Zone"),
"home" => N_("Home Zone"),
"internal" => N_("Internal Zone"),
"public" => N_("Public Zone"),
"trusted" => N_("Trusted Zone"),
"work" => N_("Work Zone")
}.freeze

# @return [String] Zone name
attr_reader :name

# @see Y2Firewall::Firewalld::Relations
has_many :services, :interfaces, :protocols, :ports, :sources, cache: true
has_attribute :name, :short, :description, :target, cache: true

# @return [Boolean] Whether masquerade is enabled or not
attr_reader :masquerade
@@ -67,10 +55,6 @@ def initialize(name: nil)
@name = name || api.default_zone
end

def self.known_zones
KNOWN_ZONES
end

# Setter method for enabling masquerading.
#
# @param enabled [Boolean] true for enable; false for disable
@@ -80,20 +64,12 @@ def masquerade=(enable)
@masquerade = enable || false
end

# Known full name of the known zones. Usefull when the API is not
# accessible or when make sense to not call it directly to obtain
# the full name.
#
# @return [String] zone full name
def full_name
self.class.known_zones[name]
end

# Apply all the changes in firewalld but do not reload it
def apply_changes!
return true unless modified?

apply_relations_changes!
apply_attributes_changes!
if modified?(:masquerade)
masquerade? ? api.add_masquerade(name) : api.remove_masquerade(name)
end
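Review bot: `has_attribute :name, :short, :description, :target, cache: true` in the first hunk includes `:name`, which generates a public `name=`, a `current_name` that calls `api.public_send(:name, name)`, and an apply step that calls `api.public_send("name=", ...)`; the zones API change in this commit adds only short, description and target accessors, so unless `name`/`name=` exist elsewhere in the API these would raise NoMethodError. `attr_reader :name` is already declared a few lines above, so `has_attribute :short, :description, :target, cache: true` looks like what is meant. If `:name` has to stay in `attributes`, a comment saying why would help, since ZoneParser now checks `zone.respond_to?("#{attribute}=")` and `zone.attributes` against text parsed from firewall-cmd output.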
5 changes: 4 additions & 1 deletion library/network/src/lib/y2firewall/firewalld/zone_parser.rb
@@ -51,7 +51,6 @@ def parse
@zones_definition.reject(&:empty?).each do |line|
attribute, _value = line.split("\s")
next if !attribute

if @zone_names.include?(attribute)
zone = Zone.new(name: attribute)
zones << zone
@@ -61,10 +60,14 @@ def parse
next unless zone

attribute, value = line.lstrip.split(":\s")
attribute = "short" if attribute == "summary"
attribute = "rich_rules" if attribute == "rich rules"

next unless zone.respond_to?("#{attribute}=")
if BOOLEAN_ATTRIBUTES.include?(attribute)
zone.public_send("#{attribute}=", value == "yes" ? true : false)
elsif zone.attributes.include?(attribute.to_sym)
zone.public_send("#{attribute}=", value.to_s)
else
zone.public_send("#{attribute}=", value.to_s.split)
end
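Review bot: A summary or description that contains `: ` is silently cut at that point, because `attribute, value = line.lstrip.split(":\s")` splits on every occurrence and only the first two pieces are kept; this matters now that the new `elsif` branch stores free-text values with `value.to_s`. `attribute, value = line.lstrip.split(":\s", 2)` keeps the remainder. `attribute.to_sym` is applied to text taken from command output; comparing strings instead, `zone.attributes.map(&:to_s).include?(attribute)`, avoids creating symbols from parsed input. The `parse` method starts and ends outside this hunk.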
4 changes: 2 additions & 2 deletions library/network/src/modules/CWMFirewallInterfaces.rb
@@ -1032,7 +1032,7 @@ def interface_label(name)
ipaddr = NetworkInterfaces.GetValue(name, "IPADDR")
# BNC #483455: Interface zone name
zone = firewalld.zones.find { |z| z.interfaces.include?(name) }
zone_full_name = zone ? zone.full_name : _("Interface is not assigned to any zone")
zone_short_name = zone ? zone.short : _("Interface is not assigned to any zone")
if label == "static" || label == "" || label.nil?
label = ipaddr
else
@@ -1042,7 +1042,7 @@ def interface_label(name)
if label.nil? || label == ""
name
else
"#{name} (#{label} / #{zone_full_name})"
"#{name} (#{label} / #{zone_short_name})"
end
end
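Review bot: `zone.short` in the first hunk can be nil when the zone was built without a parsed summary line (the visible `initialize` sets only `@name`), and the label in the second hunk then renders as `name (label / )`; `zone_short_name = zone ? (zone.short || zone.name) : _("Interface is not assigned to any zone")` keeps a readable fallback. The removed `full_name` went through the translated `KNOWN_ZONES` map, so the zone part of the label is presumably no longer localized; a comment saying that is intended would help. `interface_label` starts outside the first hunk.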
