Class: FirewallAgent

Inherits:
Object
  • Object
Defined in:
lib/firewall_agent.rb

Constant Summary

# Path of an iptables rules file. None of the methods listed on this page
# reference it; presumably it is consumed where the policy is applied
# (confirm in apply_policy).
IPTABLES_FILE = "/etc/sysconfig/iptables"
# Policy file that FirewallAgent.start loads when the caller passes no path.
DEFAULT_POLICY_FILE = '/etc/firewall-agent/policy.rb'


Constructor Details

#initialize ⇒ FirewallAgent

Returns a new instance of FirewallAgent.



# File 'lib/firewall_agent.rb', line 16

# Creates the agent and gives it a Log4r logger named after this source
# file. No outputters are attached here; FirewallAgent.start does that.
#
# @return [FirewallAgent]
def initialize
  source_name = File.basename(__FILE__)
  @logger = Log4r::Logger.new(source_name)
end

Instance Attribute Details

#logger ⇒ Object (readonly)

Returns the value of attribute logger.



# File 'lib/firewall_agent.rb', line 11

# Read-only accessor for the agent's logger.
#
# @return [Object] the value held in @logger, which #initialize sets to a
#   Log4r::Logger
def logger
  @logger
end

Class Method Details

.start(policy_filename = DEFAULT_POLICY_FILE) ⇒ Object



# File 'lib/firewall_agent.rb', line 48

# Convenience entry point: builds an agent, attaches console and syslog
# outputters to its logger, then runs the instance-level #start.
#
# @param policy_filename [String] policy file to load; defaults to
#   DEFAULT_POLICY_FILE
# @return [Object] whatever the instance-level #start returns
def self.start(policy_filename = DEFAULT_POLICY_FILE)
  instance = new

  # The two outputters are constructed only for their side effect: they are
  # not kept in variables and are attached to the logger by name below.
  console_layout = Log4r::PatternFormatter.new(:pattern => "[%5l] %d %C - %m")
  Log4r::StdoutOutputter.new('console', :formatter => console_layout)
  Log4r::SyslogOutputter.new('syslog', :ident => File.basename(__FILE__))
  instance.logger.outputters = %w[syslog console]

  instance.start(policy_filename)
end

Instance Method Details

#start(policy_filename) ⇒ Object



# File 'lib/firewall_agent.rb', line 25

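# Runs the agent: loads the policy, applies it once, then re-applies it every
# time the 5-second timer finds policy.dirty? true. Runs inside EM.run, with
# INT and TERM wired to #stop.
#
# NOTE(review): only the existence of the policy file is checked here; its
# owner and mode are not. The agent applies a firewall policy loaded from
# this file, so confirm that the file and its directory are writable only by
# the account that administers the firewall.
#
# @param policy_filename [String] path of the policy file to load
# @return [Object] whatever EM.run returns; if the file does not exist the
#   process exits with status 1 instead
def start(policy_filename)
  # File.exist? replaces File.exists?, which was deprecated and then removed
  # in Ruby 3.2. On current interpreters the old call raises NoMethodError
  # before the agent can log the problem or start.
  unless File.exist?(policy_filename)
    logger.error "Policy file (#{policy_filename}) not found, exiting..."
    exit 1
  end

  EM.run do
    # NOTE(review): #stop logs from inside the signal handler. On Ruby 2.0+
    # taking a Mutex in trap context raises ThreadError; confirm the
    # configured outputters do not lock, or defer the log call.
    Signal.trap('INT') { stop }
    Signal.trap('TERM') { stop }

    policy = Policy.new(policy_filename, logger)

    logger.warn "Starting agent"
    # Interpolation already calls to_s, so the explicit call was redundant.
    logger.warn "Applying dynamic firewall policy #{policy.name} from #{policy_filename}"

    apply_policy(policy)

    # Check every 5 seconds; re-apply only when policy.dirty? is true.
    EM.add_periodic_timer(5) do
      apply_policy(policy) if policy.dirty?
    end
  end
end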

#stop ⇒ Object



# File 'lib/firewall_agent.rb', line 20

# Logs a shutdown notice, then stops the EventMachine reactor so that the
# EM.run block in #start can finish.
#
# @return [Object] whatever EM.stop returns
def stop
  logger.warn("Stopping...")
  EM.stop
end