Class: Policy

Inherits:

Object

• Object
• Policy

Includes:

SlicehostSupport

Defined in:

lib/policy.rb

Instance Attribute Summary

• #logger ⇒ Object readonly

  Returns the value of attribute logger.

• #name ⇒ Object readonly

  Returns the value of attribute name.

Instance Method Summary

• #add_rule(rule) ⇒ Object
• #allow_established ⇒ Object
• #allow_ip(ip) ⇒ Object
• #allow_ips(*hosts) ⇒ Object
• #allow_listen(*ports) ⇒ Object
• #allow_ping ⇒ Object
• #allow_slicehost_slices(key) ⇒ Object
• #allow_ssh ⇒ Object
• #clean ⇒ Object
• #config ⇒ Object
• #deny_all ⇒ Object
• #dirty? ⇒ Boolean
• #initialize(dsl_file, logger) ⇒ Policy constructor

  A new instance of Policy.

• #policy(name = :unnamed) ⇒ Object
• #rules ⇒ Object
• #update(options = {}) ⇒ Object

Methods included from SlicehostSupport

#slicehost_get_ips

Constructor Details

#initialize(dsl_file, logger) ⇒ Policy

Returns a new instance of Policy.

# File 'lib/policy.rb', line 8

def initialize(dsl_file, logger)
  @stack = []
  @top = []
  @stack.push(@top)
  @dirty = false
  @logger = logger

  instance_eval File.open(dsl_file).read, dsl_file
end

Instance Attribute Details

#logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/policy.rb', line 6

def logger
  @logger
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/policy.rb', line 6

def name
  @name
end

Instance Method Details

#add_rule(rule) ⇒ Object

# File 'lib/policy.rb', line 73

def add_rule(rule)
  @dirty = true
  @stack.last << rule
end

#allow_established ⇒ Object

# File 'lib/policy.rb', line 57

def allow_established
  add_rule IptablesGenerator.allow_established
end

#allow_ip(ip) ⇒ Object

# File 'lib/policy.rb', line 39

def allow_ip(ip)
  add_rule IptablesGenerator.allow_ip ip
end

#allow_ips(*hosts) ⇒ Object

# File 'lib/policy.rb', line 43

def allow_ips(*hosts)
  hosts = hosts.first if hosts.length == 1 && hosts.first.instance_of?(Array)
  add_rule IptablesGenerator.allow_ips hosts
end

#allow_listen(*ports) ⇒ Object

# File 'lib/policy.rb', line 48

def allow_listen(*ports)
  ports = ports.first if ports.length == 1 && ports.first.instance_of?(Array)
  add_rule IptablesGenerator.allow_listen(ports)
end

#allow_ping ⇒ Object

# File 'lib/policy.rb', line 61

def allow_ping
  add_rule IptablesGenerator.allow_ping
end

#allow_slicehost_slices(key) ⇒ Object

# File 'lib/policy.rb', line 53

def allow_slicehost_slices(key)
  add_rule IptablesGenerator.allow_slicehost_slices(key)
end

#allow_ssh ⇒ Object

# File 'lib/policy.rb', line 65

def allow_ssh
  add_rule IptablesGenerator.allow_ssh
end

#clean ⇒ Object

# File 'lib/policy.rb', line 26

def clean
  @dirty = false
end

#config ⇒ Object

# File 'lib/policy.rb', line 30

def config
  yield
end

#deny_all ⇒ Object

# File 'lib/policy.rb', line 69

def deny_all
  add_rule IptablesGenerator.deny_all
end

#dirty? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/policy.rb', line 22

def dirty?
  @dirty
end

#policy(name = :unnamed) ⇒ Object

# File 'lib/policy.rb', line 34

def policy(name = :unnamed)
  @name = name
  yield
end

#rules ⇒ Object

# File 'lib/policy.rb', line 18

def rules
  @top
end

#update(options = {}) ⇒ Object

# File 'lib/policy.rb', line 78

def update(options = {})
  index = @stack.last.length

  @stack.push([])
  yield
  rules = @stack.pop
  @stack.last[index] = rules

  period = options[:each].to_i
  if period > 0
    EM.add_periodic_timer period do
      rules.clear
      @stack.push(rules)
      yield
      @stack.pop
    end
  end
end