Class: Y2Firewall::Firewalld::Zone

Inherits:

Object

• Object
• Y2Firewall::Firewalld::Zone

Extended by:

Relations, Yast::I18n

Includes:

Yast::I18n, Yast::Logger

Defined in:

library/network/src/lib/y2firewall/firewalld/zone.rb

Overview

Class to work with Firewalld zones

Constant Summary

KNOWN_ZONES =

Map of known zone names and description

{
  "block"    => N_("Block Zone"),
  "dmz"      => N_("Demilitarized Zone"),
  "drop"     => N_("Drop Zone"),
  "external" => N_("External Zone"),
  "home"     => N_("Home Zone"),
  "internal" => N_("Internal Zone"),
  "public"   => N_("Public Zone"),
  "trusted"  => N_("Trusted Zone"),
  "work"     => N_("Work Zone")
}.freeze

Instance Attribute Summary

• #name ⇒ String

  Zone name.

Class Method Summary

• .known_zones ⇒ Object

Instance Method Summary

• #add_interface!(interface) ⇒ Object

  Override relation method to be more defensive.

• #apply_changes! ⇒ Object

  Apply all the changes in firewalld but do not reload it.

• #change_interface(interface) ⇒ Object

  Assign the interface to the zone removing it previously from any other zone that was including it.

• #full_name ⇒ String

  Known full name of the known zones.

• #initialize(name: nil) ⇒ Zone constructor

  Constructor.

• #masquerade=(enable) ⇒ Boolean

  Setter method for enabling masquerading.

• #read ⇒ Object

  Read and modify the state of the object with the current firewalld configuration for this zone.

• #reload! ⇒ Object

  Convenience method wich reload changes applied to firewalld.

• #service_open?(service) ⇒ Boolean

  Return whether a service is present in the list of services or not.

Methods included from Relations

enable_modifications_cache, has_attributes, has_many

Constructor Details

#initialize(name: nil) ⇒ Zone

Constructor

If a :name is given it is used as the zone name. Otherwise, the default zone name will be used as fallback.

Parameters:

• name (String) (defaults to: nil) —

  zone name

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 67

def initialize(name: nil)
  @name = name || api.default_zone
  relations.each { |r| public_send("#{r}=", []) }
end

Instance Attribute Details

#name ⇒ String

Returns Zone name.

Returns:

• (String) —

  Zone name

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 57

def name
  @name
end

Class Method Details

.known_zones ⇒ Object

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 72

def self.known_zones
  KNOWN_ZONES
end

Instance Method Details

#add_interface!(interface) ⇒ Object

Override relation method to be more defensive. An interface can only belong to one zone and the change method remove it before add.

Parameters:

• interface (String) —

  interface name

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 137

def add_interface!(interface)
  api.change_interface(name, interface)
end

#apply_changes! ⇒ Object

Apply all the changes in firewalld but do not reload it

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 95

def apply_changes!
  return true unless modified?

  apply_relations_changes!
  apply_attributes_changes!
  if modified?(:masquerade)
    masquerade? ? api.add_masquerade(name) : api.remove_masquerade(name)
  end
  untouched!

  true
end

#change_interface(interface) ⇒ Object

Assign the interface to the zone removing it previously from any other zone that was including it.

Parameters:

• interface (String) —

  interface name

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 145

def change_interface(interface)
  firewalld.zones.each { |z| z.remove_interface(interface) }
  add_interface(interface)
end

#full_name ⇒ String

Known full name of the known zones. Usefull when the API is not accessible or when make sense to not call it directly to obtain the full name.

Returns:

• (String) —

  zone full name

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 90

def full_name
  self.class.known_zones[name]
end

#masquerade=(enable) ⇒ Boolean

Setter method for enabling masquerading.

Parameters:

• enable (Boolean) —

  true for enable; false for disable

Returns:

• (Boolean) —

  whether it is enabled or not

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 80

def masquerade=(enable)
  modified!(:masquerade)
  @masquerade = enable || false
end

#read ⇒ Object

Read and modify the state of the object with the current firewalld configuration for this zone.

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 115

def read
  return unless firewalld.installed?

  read_relations
  @masquerade = api.masquerade_enabled?(name)
  untouched!

  true
end

#reload! ⇒ Object

Convenience method wich reload changes applied to firewalld

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 109

def reload!
  api.reload
end

#service_open?(service) ⇒ Boolean

Return whether a service is present in the list of services or not

Parameters:

• service (String) —

  name of the service to check

Returns:

• (Boolean) —

  true if the given service name is part of services

# File 'library/network/src/lib/y2firewall/firewalld/zone.rb', line 129

def service_open?(service)
  services.include?(service)
end