Class: Inspec::Resources::FirewallD
- Inherits: Object
  - Object
    - Inspec::Resources::FirewallD
- Defined in:
- lib/inspec/resources/firewalld.rb
Instance Attribute Summary
-
#params ⇒ Object
readonly
Returns the value of attribute params.
Instance Method Summary
- #default_zone ⇒ Object
- #has_port_enabled_in_zone?(query_port, query_zone = default_zone) ⇒ Boolean
- #has_rule_enabled?(rule, query_zone = default_zone) ⇒ Boolean
- #has_service_enabled_in_zone?(query_service, query_zone = default_zone) ⇒ Boolean
- #has_zone?(query_zone) ⇒ Boolean
-
#initialize ⇒ FirewallD
constructor
A new instance of FirewallD.
- #installed? ⇒ Boolean
- #running? ⇒ Boolean
- #service_ports_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
- #service_protocols_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
- #to_s ⇒ Object
Constructor Details
#initialize ⇒ FirewallD
Returns a new instance of FirewallD.
# File 'lib/inspec/resources/firewalld.rb', line 38
# Builds the resource and caches the parsed active-zone data in @params.
#
# NOTE(review): active_zones and parse_active_zones are defined outside this
# listing; presumably the first fetches firewalld's active zones and the
# second turns that output into a structure - confirm against the file.
def initialize
  zone_listing = active_zones
  @params = parse_active_zones(zone_listing)
end
Instance Attribute Details
#params ⇒ Object (readonly)
Returns the value of attribute params.
# File 'lib/inspec/resources/firewalld.rb', line 28
# Read-only accessor for the data stored in @params by #initialize.
#
# @return [Object] whatever parse_active_zones produced at construction time
def params
  @params
end
Instance Method Details
#default_zone ⇒ Object
# File 'lib/inspec/resources/firewalld.rb', line 60
# Asks firewalld for its default zone.
#
# Used as the default value of query_zone by the zone-scoped query methods
# of this resource.
#
# @return [Object] the output of firewalld_command("--get-default-zone");
#   per the original comment, a single word naming the zone, e.g. 'public'
def default_zone
  zone_name = firewalld_command("--get-default-zone")
  zone_name
end
#has_port_enabled_in_zone?(query_port, query_zone = default_zone) ⇒ Boolean
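# File 'lib/inspec/resources/firewalld.rb', line 82
# Reports whether a port is enabled in a firewalld zone.
#
# Builds `--zone=<zone> --query-port=<port>` and hands it to
# firewalld_command; the result is true only when that helper returns exactly
# "yes". No --permanent flag is passed, so firewall-cmd answers from the
# runtime configuration.
#
# Both values are shell-escaped before interpolation.
# NOTE(review): firewalld_command is defined outside this listing; if it runs
# the string through a shell, an unescaped zone or port taken from a profile
# input would be parsed as shell syntax rather than as one argument. Values
# made only of letters, digits and `_-.,:+/@` (e.g. "public", "80/tcp") are
# left unchanged by the escaping, so the argument string for them is the same
# as before.
#
# @param query_port [String] port to look up, presumably in firewalld's
#   port/protocol form - confirm against callers
# @param query_zone [String] zone name; defaults to #default_zone
# @return [Boolean]
def has_port_enabled_in_zone?(query_port, query_zone = default_zone)
  require "shellwords" # idempotent; keeps this method self-contained

  zone = Shellwords.escape(query_zone)
  port = Shellwords.escape(query_port)
  firewalld_command("--zone=#{zone} --query-port=#{port}") == "yes"
end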
#has_rule_enabled?(rule, query_zone = default_zone) ⇒ Boolean
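# File 'lib/inspec/resources/firewalld.rb', line 86
# Reports whether a rich rule is enabled in a firewalld zone.
#
# The rule text is prefixed with "rule " unless it already starts with
# "rule", wrapped in single quotes, and passed as --query-rich-rule to
# firewalld_command; the result is true only when that helper returns exactly
# "yes".
#
# A single quote inside the rule used to end the quoted argument early, so
# the remainder of the rule fell outside the quotes. Embedded single quotes
# are now written as '\'' and the zone is shell-escaped. Rules without a
# single quote, and zone names without shell metacharacters, yield the same
# argument string as before.
# NOTE(review): firewalld_command is defined outside this listing; the
# quoting only matters if it runs the string through a shell - confirm.
#
# @param rule [String] rich-rule text, with or without the leading "rule"
# @param query_zone [String] zone name; defaults to #default_zone
# @return [Boolean]
def has_rule_enabled?(rule, query_zone = default_zone)
  require "shellwords" # idempotent; keeps this method self-contained

  rule = "rule #{rule}" unless rule.start_with?("rule")
  # Block form so the replacement is inserted literally (no backslash
  # processing by gsub): close the quote, emit \', reopen the quote.
  quoted_rule = rule.gsub("'") { "'\\''" }
  zone = Shellwords.escape(query_zone)
  firewalld_command("--zone=#{zone} --query-rich-rule='#{quoted_rule}'") == "yes"
end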
#has_service_enabled_in_zone?(query_service, query_zone = default_zone) ⇒ Boolean
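# File 'lib/inspec/resources/firewalld.rb', line 66
# Reports whether a service is enabled in a firewalld zone.
#
# Builds `--zone=<zone> --query-service=<service>` and hands it to
# firewalld_command; the result is true only when that helper returns exactly
# "yes". No --permanent flag is passed, so firewall-cmd answers from the
# runtime configuration.
#
# Both values are shell-escaped before interpolation.
# NOTE(review): firewalld_command is defined outside this listing; if it runs
# the string through a shell, an unescaped zone or service name taken from a
# profile input would be parsed as shell syntax. Names made only of letters,
# digits and `_-.,:+/@` are left unchanged by the escaping.
#
# @param query_service [String] firewalld service name
# @param query_zone [String] zone name; defaults to #default_zone
# @return [Boolean]
def has_service_enabled_in_zone?(query_service, query_zone = default_zone)
  require "shellwords" # idempotent; keeps this method self-contained

  zone = Shellwords.escape(query_zone)
  service = Shellwords.escape(query_service)
  firewalld_command("--zone=#{zone} --query-service=#{service}") == "yes"
end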
#has_zone?(query_zone) ⇒ Boolean
# File 'lib/inspec/resources/firewalld.rb', line 46
# Reports whether firewalld knows a zone with the given name.
#
# Returns false without querying firewalld when #installed? is falsy.
# Otherwise the output of `--get-zones` is split on whitespace and searched
# for an exact match of query_zone.
#
# @param query_zone [String] zone name to look for
# @return [Boolean]
def has_zone?(query_zone)
  if installed?
    known_zones = firewalld_command("--get-zones").split(" ")
    known_zones.include?(query_zone)
  else
    false
  end
end
#installed? ⇒ Boolean
# File 'lib/inspec/resources/firewalld.rb', line 42
# Reports whether the firewall-cmd command exists on the target.
#
# @return [Boolean] the result of exist? on inspec.command("firewall-cmd")
def installed?
  firewall_cmd = inspec.command("firewall-cmd")
  firewall_cmd.exist?
end
#running? ⇒ Boolean
# File 'lib/inspec/resources/firewalld.rb', line 53
# Reports whether firewalld says it is running.
#
# Returns false without querying firewalld when #installed? is falsy.
# Otherwise the output of `--state` is matched against /^running/.
#
# @return [Boolean]
def running?
  if installed?
    state = firewalld_command("--state")
    # `^` anchors at the start of any line, not only the start of the string,
    # so a "running" line after other output lines also counts as a match.
    !!(state =~ /^running/)
  else
    false
  end
end
#service_ports_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
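# File 'lib/inspec/resources/firewalld.rb', line 70
# Lists the ports attached to a service, as reported by firewalld.
#
# The output of firewalld_command is split on whitespace, so the return value
# is an Array of strings (the original comment said "String"), e.g.
# ['22/tcp', '4722/tcp'].
#
# The query passes --permanent, so it reads the stored configuration, which
# can differ from the running ruleset until firewalld is reloaded.
#
# Both values are shell-escaped before interpolation.
# NOTE(review): firewalld_command is defined outside this listing; if it runs
# the string through a shell, an unescaped zone or service name taken from a
# profile input would be parsed as shell syntax. Names made only of letters,
# digits and `_-.,:+/@` are left unchanged by the escaping.
#
# @param query_service [String] firewalld service name
# @param query_zone [String] zone name; defaults to #default_zone
# @return [Array<String>] one entry per port
def service_ports_enabled_in_zone(query_service, query_zone = default_zone)
  require "shellwords" # idempotent; keeps this method self-contained

  zone = Shellwords.escape(query_zone)
  service = Shellwords.escape(query_service)
  firewalld_command("--zone=#{zone} --service=#{service} --get-ports --permanent").split(" ")
end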
#service_protocols_enabled_in_zone(query_service, query_zone = default_zone) ⇒ Object
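# File 'lib/inspec/resources/firewalld.rb', line 76
# Lists the protocols attached to a service, as reported by firewalld.
#
# The output of firewalld_command is split on whitespace, so the return value
# is an Array of strings (the original comment said "String"), e.g.
# ['icmp', 'ipv4', 'igmp'].
#
# The query passes --permanent, so it reads the stored configuration, which
# can differ from the running ruleset until firewalld is reloaded.
#
# Both values are shell-escaped before interpolation.
# NOTE(review): firewalld_command is defined outside this listing; if it runs
# the string through a shell, an unescaped zone or service name taken from a
# profile input would be parsed as shell syntax. Names made only of letters,
# digits and `_-.,:+/@` are left unchanged by the escaping.
#
# @param query_service [String] firewalld service name
# @param query_zone [String] zone name; defaults to #default_zone
# @return [Array<String>] one entry per protocol
def service_protocols_enabled_in_zone(query_service, query_zone = default_zone)
  require "shellwords" # idempotent; keeps this method self-contained

  zone = Shellwords.escape(query_zone)
  service = Shellwords.escape(query_service)
  firewalld_command("--zone=#{zone} --service=#{service} --get-protocols --permanent").split(" ")
end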
#to_s ⇒ Object
# File 'lib/inspec/resources/firewalld.rb', line 91
# Fixed display name for this resource.
#
# @return [String] always "Firewall Rules"
def to_s
  "Firewall Rules"
end