Class: Firewalld::FirewalldBashAPI

Inherits:

Object

• Object
• Firewalld::FirewalldBashAPI

Includes:

Yast::Logger

Defined in:

library/network/src/lib/network/firewalld.rb

Overview

The firewalld bash API

Instance Method Summary

• #add_interface(zone, interface) ⇒ Boolean

  True if interface was added to zone.

• #add_masquerade(zone) ⇒ Boolean

  True if masquerade was enabled in zone.

• #add_port(zone, port) ⇒ Boolean

  True if port was added to zone.

• #add_protocol(zone, protocol) ⇒ Boolean

  True if protocol was added to zone.

• #add_service(zone, service) ⇒ Boolean

  True if service was added to zone.

• #complete_reload ⇒ Boolean

  The firewalld complete-reload result (exit code).

• #info_service(service) ⇒ Array<String>

  List of all information for the given service.

• #interface_enabled?(zone, interface) ⇒ Boolean

  True if interface is assigned to zone.

• #list_all(zone) ⇒ Array<String>

  List of all information for given zone.

• #list_all_zones ⇒ Array<String>

  List of all information for all firewall zones.

• #list_interfaces(zone) ⇒ Array<String>

  List of zone's interfaces.

• #list_ports(zone) ⇒ Array<String>

  List of zone's ports.

• #list_protocols(zone) ⇒ Array<String>

  List of zone's protocols.

• #list_services(zone) ⇒ Arrray<String>

  List of zone's services.

• #log_denied_packets ⇒ String

  Packet type which is being logged when denied.

• #log_denied_packets=(kind) ⇒ Boolean

  all, unicast, broadcast, multicast and off when denied.

• #log_denied_packets?(kind) ⇒ Boolean

  all, unicast, broadcast, multicast and off.

• #make_permanent ⇒ Boolean

  The firewalld runtime-to-permanent result (exit code).

• #masquerade_enabled?(zone) ⇒ Boolean

  True if masquerade is enabled in zone.

• #port_enabled?(zone, port) ⇒ Boolean

  True if port is enabled in zone.

• #protocol_enabled?(zone, protocol) ⇒ Boolean

  True if protocol is enabled in zone.

• #reload ⇒ Boolean

  The firewalld reload result (exit code).

• #remove_interface(zone, interface) ⇒ Boolean

  True if interface was removed from zone.

• #remove_masquerade(zone) ⇒ Boolean

  True if masquerade was removed in zone.

• #remove_port(zone, port) ⇒ Boolean

  True if port was removed from zone.

• #remove_protocol(zone, protocol) ⇒ Boolean

  True if protocol was removed from zone.

• #remove_service(zone, service) ⇒ Boolean

  True if service was removed from zone.

• #running? ⇒ Boolean

  The firewalld service state (exit code).

• #service_description(service) ⇒ String

  Description for service.

• #service_enabled?(zone, service) ⇒ Boolean

  True if service is enabled in zone.

• #service_modules(service) ⇒ Array<String>

  The firewall service modules.

• #service_ports(service) ⇒ Array<String>

  The firewall service ports.

• #service_protocols(service) ⇒ Array<String>

  The firewall service protocols.

• #service_short(service) ⇒ String

  Short description for service.

• #service_supported?(service) ⇒ Boolean

  True if service definition exists.

• #services ⇒ Array<String>

  List of firewall services.

• #zones ⇒ Array<String>

  List of firewall zones.

Instance Method Details

#add_interface(zone, interface) ⇒ Boolean

Returns True if interface was added to zone.

Parameters:

• zone (String) —

  The firewall zone

• interface (String) —

  The network interface

Returns:

• (Boolean) —

  True if interface was added to zone

# File 'library/network/src/lib/network/firewalld.rb', line 187

def add_interface(zone, interface)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --add-interface=#{interface.shellescape}")
end

#add_masquerade(zone) ⇒ Boolean

Returns True if masquerade was enabled in zone.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Boolean) —

  True if masquerade was enabled in zone

# File 'library/network/src/lib/network/firewalld.rb', line 319

def add_masquerade(zone)
  return true if masquerade_enabled?(zone)

  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --add-masquerade")
end

#add_port(zone, port) ⇒ Boolean

Returns True if port was added to zone.

Parameters:

• zone (String) —

  The firewall zone

• port (String) —

  The firewall port

Returns:

• (Boolean) —

  True if port was added to zone

# File 'library/network/src/lib/network/firewalld.rb', line 279

def add_port(zone, port)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --add-port=#{port.shellescape}")
end

#add_protocol(zone, protocol) ⇒ Boolean

Returns True if protocol was added to zone.

Parameters:

• zone (String) —

  The firewall zone

• protocol (String) —

  The firewall protocol

Returns:

• (Boolean) —

  True if protocol was added to zone

# File 'library/network/src/lib/network/firewalld.rb', line 286

def add_protocol(zone, protocol)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --add-protocol=#{protocol.shellescape}")
end

#add_service(zone, service) ⇒ Boolean

Returns True if service was added to zone.

Parameters:

• zone (String) —

  The firewall zone

• service (String) —

  The firewall service

Returns:

• (Boolean) —

  True if service was added to zone

# File 'library/network/src/lib/network/firewalld.rb', line 272

def add_service(zone, service)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --add-service=#{service.shellescape}")
end

#complete_reload ⇒ Boolean

Returns The firewalld complete-reload result (exit code).

Returns:

• (Boolean) —

  The firewalld complete-reload result (exit code)

# File 'library/network/src/lib/network/firewalld.rb', line 124

def complete_reload
  fwd_quiet_result("--complete-reload")
end

#info_service(service) ⇒ Array<String>

Returns list of all information for the given service.

Parameters:

• service (String) —

  The firewall service

Returns:

• (Array<String>) —

  list of all information for the given service

# File 'library/network/src/lib/network/firewalld.rb', line 207

def info_service(service)
  fwd_result("--permanent --info-service #{service.shellescape}").split("\n")
end

#interface_enabled?(zone, interface) ⇒ Boolean

Returns True if interface is assigned to zone.

Parameters:

• zone (String) —

  The firewall zone

• interface (String) —

  The network interface

Returns:

• (Boolean) —

  True if interface is assigned to zone

# File 'library/network/src/lib/network/firewalld.rb', line 180

def interface_enabled?(zone, interface)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --query-interface=#{interface.shellescape}")
end

#list_all(zone) ⇒ Array<String>

Returns list of all information for given zone.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Array<String>) —

  list of all information for given zone

# File 'library/network/src/lib/network/firewalld.rb', line 166

def list_all(zone)
  fwd_result("--permanent --zone=#{zone.shellescape} --list-all").split
end

#list_all_zones ⇒ Array<String>

Returns list of all information for all firewall zones.

Returns:

• (Array<String>) —

  list of all information for all firewall zones

# File 'library/network/src/lib/network/firewalld.rb', line 171

def list_all_zones
  fwd_result("--permanent --list-all-zones").split("\n")
end

#list_interfaces(zone) ⇒ Array<String>

Returns list of zone's interfaces.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Array<String>) —

  list of zone's interfaces

# File 'library/network/src/lib/network/firewalld.rb', line 142

def list_interfaces(zone)
  fwd_result("--permanent --zone=#{zone.shellescape} --list-interfaces").split
end

#list_ports(zone) ⇒ Array<String>

Returns list of zone's ports.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Array<String>) —

  list of zone's ports

# File 'library/network/src/lib/network/firewalld.rb', line 154

def list_ports(zone)
  fwd_result("--permanent --zone=#{zone.shellescape} --list-ports").split
end

#list_protocols(zone) ⇒ Array<String>

Returns list of zone's protocols.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Array<String>) —

  list of zone's protocols

# File 'library/network/src/lib/network/firewalld.rb', line 160

def list_protocols(zone)
  fwd_result("--permanent --zone=#{zone.shellescape} --list-protocols").split
end

#list_services(zone) ⇒ Arrray<String>

Returns list of zone's services.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Arrray<String>) —

  list of zone's services

# File 'library/network/src/lib/network/firewalld.rb', line 148

def list_services(zone)
  fwd_result("--permanent --zone=#{zone.shellescape} --list-services").split
end

#log_denied_packets ⇒ String

Returns packet type which is being logged when denied.

Returns:

• (String) —

  packet type which is being logged when denied

# File 'library/network/src/lib/network/firewalld.rb', line 351

def log_denied_packets
  fwd_result("--get-log-denied").strip
end

#log_denied_packets=(kind) ⇒ Boolean

all, unicast, broadcast, multicast and off when denied

Parameters:

• kind (String) —

  Denied packets to log. Possible values are:

Returns:

• (Boolean) —

  True if desired packet type was set to being logged

# File 'library/network/src/lib/network/firewalld.rb', line 346

def log_denied_packets=(kind)
  fwd_quiet_result("--set-log-denied=#{kind.to_s.shellescape}")
end

#log_denied_packets?(kind) ⇒ Boolean

all, unicast, broadcast, multicast and off

Parameters:

• kind (String) —

  Denied packets to log. Possible values are:

Returns:

• (Boolean) —

  True if desired packet type is being logged when denied

# File 'library/network/src/lib/network/firewalld.rb', line 338

def log_denied_packets?(kind)
  (fwd_result("--get-log-denied").strip == kind)
end

#make_permanent ⇒ Boolean

Returns The firewalld runtime-to-permanent result (exit code).

Returns:

• (Boolean) —

  The firewalld runtime-to-permanent result (exit code)

# File 'library/network/src/lib/network/firewalld.rb', line 129

def make_permanent
  fwd_quiet_result("--runtime-to-permanent")
end

#masquerade_enabled?(zone) ⇒ Boolean

Returns True if masquerade is enabled in zone.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Boolean) —

  True if masquerade is enabled in zone

# File 'library/network/src/lib/network/firewalld.rb', line 313

def masquerade_enabled?(zone)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --query-masquerade")
end

#port_enabled?(zone, port) ⇒ Boolean

Returns True if port is enabled in zone.

Parameters:

• zone (String) —

  The firewall zone

• port (String) —

  The firewall port

Returns:

• (Boolean) —

  True if port is enabled in zone

# File 'library/network/src/lib/network/firewalld.rb', line 258

def port_enabled?(zone, port)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --query-port=#{port}")
end

#protocol_enabled?(zone, protocol) ⇒ Boolean

Returns True if protocol is enabled in zone.

Parameters:

• zone (String) —

  The firewall zone

• protocol (String) —

  The zone protocol

Returns:

• (Boolean) —

  True if protocol is enabled in zone

# File 'library/network/src/lib/network/firewalld.rb', line 265

def protocol_enabled?(zone, protocol)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --query-protocol=#{protocol}")
end

#reload ⇒ Boolean

Returns The firewalld reload result (exit code).

Returns:

• (Boolean) —

  The firewalld reload result (exit code)

# File 'library/network/src/lib/network/firewalld.rb', line 119

def reload
  fwd_quiet_result("--reload")
end

#remove_interface(zone, interface) ⇒ Boolean

Returns True if interface was removed from zone.

Parameters:

• zone (String) —

  The firewall zone

• interface (String) —

  The network interface

Returns:

• (Boolean) —

  True if interface was removed from zone

# File 'library/network/src/lib/network/firewalld.rb', line 194

def remove_interface(zone, interface)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --remove-interface=#{interface.shellescape}")
end

#remove_masquerade(zone) ⇒ Boolean

Returns True if masquerade was removed in zone.

Parameters:

• zone (String) —

  The firewall zone

Returns:

• (Boolean) —

  True if masquerade was removed in zone

# File 'library/network/src/lib/network/firewalld.rb', line 327

def remove_masquerade(zone)
  return true if !masquerade_enabled?(zone)

  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --remove-masquerade")
end

#remove_port(zone, port) ⇒ Boolean

Returns True if port was removed from zone.

Parameters:

• zone (String) —

  The firewall zone

• port (String) —

  The firewall port

Returns:

• (Boolean) —

  True if port was removed from zone

# File 'library/network/src/lib/network/firewalld.rb', line 300

def remove_port(zone, port)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --remove-port=#{port.shellescape}")
end

#remove_protocol(zone, protocol) ⇒ Boolean

Returns True if protocol was removed from zone.

Parameters:

• zone (String) —

  The firewall zone

• protocol (String) —

  The firewall protocol

Returns:

• (Boolean) —

  True if protocol was removed from zone

# File 'library/network/src/lib/network/firewalld.rb', line 307

def remove_protocol(zone, protocol)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --remove-protocol=#{protocol.shellescape}")
end

#remove_service(zone, service) ⇒ Boolean

Returns True if service was removed from zone.

Parameters:

• zone (String) —

  The firewall zone

• service (String) —

  The firewall service

Returns:

• (Boolean) —

  True if service was removed from zone

# File 'library/network/src/lib/network/firewalld.rb', line 293

def remove_service(zone, service)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --remove-service=#{service.shellescape}")
end

#running? ⇒ Boolean

Returns The firewalld service state (exit code).

Returns:

• (Boolean) —

  The firewalld service state (exit code)

# File 'library/network/src/lib/network/firewalld.rb', line 114

def running?
  fwd_quiet_result("--state")
end

#service_description(service) ⇒ String

Returns Description for service.

Parameters:

• service (String) —

  the firewall service

Returns:

• (String) —

  Description for service

# File 'library/network/src/lib/network/firewalld.rb', line 220

def service_description(service)
  fwd_result("--permanent --service=#{service.shellescape} --get-description").rstrip
end

#service_enabled?(zone, service) ⇒ Boolean

Returns True if service is enabled in zone.

Parameters:

• zone (String) —

  The firewall zone

• service (String) —

  The firewall service

Returns:

• (Boolean) —

  True if service is enabled in zone

# File 'library/network/src/lib/network/firewalld.rb', line 233

def service_enabled?(zone, service)
  fwd_quiet_result("--permanent --zone=#{zone.shellescape} --query-service=#{service.shellescape}")
end

#service_modules(service) ⇒ Array<String>

Returns The firewall service modules.

Parameters:

• service (String) —

  The firewall service

Returns:

• (Array<String>) —

  The firewall service modules

# File 'library/network/src/lib/network/firewalld.rb', line 251

def service_modules(service)
  fwd_result("--permanent --service=#{service.shellescape} --get-modules").strip
end

#service_ports(service) ⇒ Array<String>

Returns The firewall service ports.

Parameters:

• service (String) —

  The firewall service

Returns:

• (Array<String>) —

  The firewall service ports

# File 'library/network/src/lib/network/firewalld.rb', line 239

def service_ports(service)
  fwd_result("--permanent --service=#{service.shellescape} --get-ports").strip
end

#service_protocols(service) ⇒ Array<String>

Returns The firewall service protocols.

Parameters:

• service (String) —

  The firewall service

Returns:

• (Array<String>) —

  The firewall service protocols

# File 'library/network/src/lib/network/firewalld.rb', line 245

def service_protocols(service)
  fwd_result("--permanent --service=#{service.shellescape} --get-protocols").strip
end

#service_short(service) ⇒ String

Returns Short description for service.

Parameters:

• service (String) —

  The firewall service

Returns:

• (String) —

  Short description for service

# File 'library/network/src/lib/network/firewalld.rb', line 213

def service_short(service)
  # these may not exist on early firewalld releases
  fwd_result("--permanent --service=#{service.shellescape} --get-short").rstrip
end

#service_supported?(service) ⇒ Boolean

Returns True if service definition exists.

Parameters:

• service (String) —

  The firewall service

Returns:

• (Boolean) —

  True if service definition exists

# File 'library/network/src/lib/network/firewalld.rb', line 226

def service_supported?(service)
  services.include?(service)
end

#services ⇒ Array<String>

Returns List of firewall services.

Returns:

• (Array<String>) —

  List of firewall services

# File 'library/network/src/lib/network/firewalld.rb', line 201

def services
  fwd_result("--permanent --get-services").split
end

#zones ⇒ Array<String>

Returns List of firewall zones.

Returns:

• (Array<String>) —

  List of firewall zones

# File 'library/network/src/lib/network/firewalld.rb', line 136

def zones
  fwd_result("--permanent --get-zones").split
end