Module: ForemanMaintain::Concerns::Firewall::NftablesMaintenanceMode

Defined in:
lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb


Instance Method Details

#disable_maintenance_mode ⇒ Object



# File 'lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb', line 5

# Leaves maintenance mode by deleting the nftables table when it is present.
#
# When +table_exist?+ is false nothing is called, so the method is a no-op
# if the table is already absent. Both +table_exist?+ and +delete_table+
# are defined outside this listing.
#
# @return [Object, nil] whatever +delete_table+ returns, or nil when no
#   table was present
def disable_maintenance_mode
  return unless table_exist?

  delete_table
end

#enable_maintenance_mode ⇒ Object



# File 'lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb', line 9

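# Enters maintenance mode by creating the nftables table, its input chain
# and the maintenance rules.
#
# Nothing is done when +table_exist?+ is already true. The status methods
# in this module treat "table exists" as "maintenance mode is on", so a
# table left behind without its chain or rules would be reported as active
# while port 443 is still reachable, and a later call here would skip the
# setup. To avoid that half-configured state, the table is removed again
# if creating the chain or the rules raises, and the error is re-raised.
#
# +add_table+, +add_chain+, +add_rules+ and +delete_table+ are defined
# outside this listing; NOTE(review): this assumes they signal failure by
# raising - confirm against their implementation.
#
# @return [Object, nil] whatever +add_rules+ returns, or nil when the table
#   already existed
# @raise [StandardError] re-raises any error from +add_chain+ or +add_rules+
def enable_maintenance_mode
  return if table_exist?

  add_table
  begin
    add_chain(:chain_options => nftables_chain_options)
    add_rules(rules: nftables_rules)
  rescue StandardError
    # Roll back so table existence never stands for an incomplete rule set.
    delete_table
    raise
  end
end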

#maintenance_mode_status? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb', line 17

# Reports whether maintenance mode is considered active.
#
# The answer is exactly the result of +table_exist?+ (defined outside this
# listing).
# NOTE(review): only the table's existence is checked, not that the chain
# and the reject rule are actually inside it, so a table without rules
# still counts as "on".
#
# @return [Boolean] the value returned by +table_exist?+
def maintenance_mode_status?
  table_present = table_exist?
  table_present
end

#nftables_chain_options ⇒ Object



# File 'lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb', line 21

# Chain definition passed to +add_chain+ when maintenance mode is enabled.
#
# It declares a base chain of type +filter+ on the +input+ hook at
# priority 0. No +policy+ is given, and an nftables base chain without one
# defaults to accept, so the only traffic this chain refuses is what the
# rules from +nftables_rules+ reject explicitly.
#
# The returned string contains a single backslash before the semicolon
# (+\;+); presumably this keeps a shell from treating +;+ as a command
# separator - confirm against the helper that runs the command.
#
# @return [String] the chain specification
def nftables_chain_options
  chain_spec = '{type filter hook input priority 0\\;}'
  chain_spec
end

#nftables_rules ⇒ Object



# File 'lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb', line 25

# Rules installed into the maintenance chain, in evaluation order.
#
# 1. Traffic arriving on the loopback interface is accepted, so local
#    connections are not affected by the next rule.
# 2. TCP traffic to port 443 arriving on any other interface is rejected,
#    which refuses the connection actively instead of silently dropping it.
#
# NOTE(review): only TCP 443 is blocked. Any other port the host listens on
# stays reachable during maintenance, and whether IPv6 is covered depends on
# the table family chosen by +add_table+, which is not shown here - confirm
# that this scope is intended.
#
# @return [Array<String>] nftables rule expressions
def nftables_rules
  allow_loopback = 'iifname "lo" accept'
  reject_https = 'tcp dport 443 reject'
  [allow_loopback, reject_https]
end

#status_for_maintenance_mode ⇒ Object



# File 'lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb', line 29

# Builds the status report for maintenance mode.
#
# The message says whether the nftables table is present or absent, based
# on +table_exist?+ (defined outside this listing). The second element is
# always an empty array; its meaning is decided by the caller and is not
# visible here.
# NOTE(review): "present" only means the table exists; the chain and the
# reject rule inside it are not checked.
#
# @return [Array(String, Array)] the status message and an empty array
def status_for_maintenance_mode
  message = table_exist? ? 'Nftables table: present' : 'Nftables table: absent'
  [message, []]
end