Method: Proproxy::Server#update_ip_table

Defined in:
lib/proproxy.rb

#update_ip_table(ip_v4, port, with_ssh_port: true) ⇒ Object 



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
# File 'lib/proproxy.rb', line 60

def update_ip_table(ip_v4, port, with_ssh_port: true)
  new_tonnel = "-A FWINPUT -p tcp -m tcp --dport #{port} -s #{ip_v4} -j ACCEPT"
  new_port = "http_port #{port}"
  new_src = "acl myacl src #{ip_v4}/255.255.255.255"

  remove_last_2_line
  on @remote_host do
    execute "echo #{new_tonnel} >> /etc/sysconfig/iptables"
    execute "echo #{new_port} >> /etc/squid/squid.conf"
    execute "echo #{new_src} >> /etc/squid/squid.conf"
  end
  add_icmp_host_prohibited_line
  add_last_commit_line_command

  if with_ssh_port
    ssh_tonnel = "-A FWINPUT -p tcp -m tcp --dport 22 -s #{ip_v4} -j ACCEPT"
    ssh_port = "http_port 22"
    remove_last_2_line
    on @remote_host do
      execute "echo #{ssh_tonnel} >> /etc/sysconfig/iptables"
      execute "echo #{ssh_port} >> /etc/squid/squid.conf"
    end
    add_icmp_host_prohibited_line
    add_last_commit_line_command
  end
  configure_ip_table
  restart_squid
end