Class: Dcmgr::VNet::Tasks::DropIpSpoofing

Inherits:

Dcmgr::VNet::Task

Object
Dcmgr::VNet::Task
Dcmgr::VNet::Tasks::DropIpSpoofing

show all

Includes:: Netfilter

Defined in:: lib/dcmgr/vnet/tasks/drop_ip_spoofing.rb

Overview

Disable instances from spoofing another ip address

Instance Attribute Summary collapse

#enable_logging ⇒ Object

Returns the value of attribute enable_logging.
#ip ⇒ Object

Returns the value of attribute ip.
#log_prefix ⇒ Object

Returns the value of attribute log_prefix.

Attributes inherited from Dcmgr::VNet::Task

#rules

Instance Method Summary collapse

#initialize(ip, enable_logging, log_prefix) ⇒ DropIpSpoofing constructor

A new instance of DropIpSpoofing.

Constructor Details

#initialize(ip, enable_logging, log_prefix) ⇒ `DropIpSpoofing`

Returns a new instance of DropIpSpoofing.

# File 'lib/dcmgr/vnet/tasks/drop_ip_spoofing.rb', line 14

def initialize(ip,enable_logging,log_prefix)
super()
self.ip = ip
self.enable_logging = enable_logging
self.log_prefix = log_prefix

# Prevent spoofing to the outside world
self.rules << EbtablesRule.new(:filter,:forward,:arp,:outgoing,"--protocol arp --arp-ip-src ! #{self.ip} #{EbtablesRule.log_arp(self.log_prefix) if self.enable_logging} -j DROP")
# Prevent spoofing to the host
self.rules << EbtablesRule.new(:filter,:input,:arp,:outgoing,"--protocol arp --arp-ip-src ! #{self.ip} #{EbtablesRule.log_arp(self.log_prefix) if self.enable_logging} -j DROP")

# Prevent the outside world from spoofing to the instance
self.rules << EbtablesRule.new(:filter,:forward,:arp,:incoming,"--protocol arp --arp-ip-dst ! #{self.ip} #{EbtablesRule.log_arp(self.log_prefix) if self.enable_logging} -j DROP")
# Prevent the host from spoofing to the instance
self.rules << EbtablesRule.new(:filter,:output,:arp,:incoming,"--protocol arp --arp-ip-dst ! #{self.ip} #{EbtablesRule.log_arp(self.log_prefix) if self.enable_logging} -j DROP")
end

Instance Attribute Details

#enable_logging ⇒ `Object`

Returns the value of attribute enable_logging.



11
12
13

# File 'lib/dcmgr/vnet/tasks/drop_ip_spoofing.rb', line 11

def enable_logging
  @enable_logging
end

#ip ⇒ `Object`

Returns the value of attribute ip.



10
11
12

# File 'lib/dcmgr/vnet/tasks/drop_ip_spoofing.rb', line 10

def ip
  @ip
end

#log_prefix ⇒ `Object`

Returns the value of attribute log_prefix.



12
13
14

# File 'lib/dcmgr/vnet/tasks/drop_ip_spoofing.rb', line 12

def log_prefix
  @log_prefix
end