Class: Dcmgr::VNet::Tasks::AcceptWakameDNSOnly

Inherits:

Dcmgr::VNet::Task

• Object
• Dcmgr::VNet::Task
• Dcmgr::VNet::Tasks::AcceptWakameDNSOnly

Includes:

Netfilter

Defined in:

lib/dcmgr/vnet/tasks/accept_wakame_dns_only.rb

Overview

Allows for DNS traffic to be exchanged with and only with Wakame’s DNS server

Instance Attribute Summary

• #dns_server_ip ⇒ Object readonly

  TODO: allow ARP traffic to DNS server.

• #dns_server_port ⇒ Object readonly

  Returns the value of attribute dns_server_port.

Attributes inherited from Dcmgr::VNet::Task

#rules

Instance Method Summary

• #initialize(dns_server_ip, dns_server_port = "53") ⇒ AcceptWakameDNSOnly constructor

  A new instance of AcceptWakameDNSOnly.

Constructor Details

#initialize(dns_server_ip, dns_server_port = "53") ⇒ AcceptWakameDNSOnly

Returns a new instance of AcceptWakameDNSOnly.

# File 'lib/dcmgr/vnet/tasks/accept_wakame_dns_only.rb', line 14

def initialize(dns_server_ip,dns_server_port="53")
  super()
  
  @dns_server_ip = dns_server_ip
  @dns_server_port = dns_server_port
  
  # Allow DNS traffic to take place
  self.rules << IptablesRule.new(:filter,:forward,:udp,:outgoing,"-p udp -d #{self.dns_server_ip} --dport #{self.dns_server_port} -j ACCEPT")
  self.rules << IptablesRule.new(:filter,:forward,:udp,:incoming,"-p udp -d #{self.dns_server_ip} --dport #{self.dns_server_port} -j ACCEPT")
  
  # Disable any non DNS traffic to DNS server
  #[:udp,:tcp,:icmp].each { |protocol|
    #self.rules << IptablesRule.new(:filter,:forward,protocol,:outgoing,"-d #{self.dns_server_ip} -p #{protocol} -j DROP")
  #}
end

Instance Attribute Details

#dns_server_ip ⇒ Object (readonly)

TODO: allow ARP traffic to DNS server

# File 'lib/dcmgr/vnet/tasks/accept_wakame_dns_only.rb', line 11

def dns_server_ip
  @dns_server_ip
end

#dns_server_port ⇒ Object (readonly)

Returns the value of attribute dns_server_port.

# File 'lib/dcmgr/vnet/tasks/accept_wakame_dns_only.rb', line 12

def dns_server_port
  @dns_server_port
end