Class: Yast::SuSEFirewalldServicesClass

Inherits:
SuSEFirewallServicesClass
Includes:
Logger
Defined in:
library/network/src/lib/network/susefirewalldservices.rb

Overview

Global definition of firewall services, defined using TCP, UDP and RPC ports, IP protocols and broadcast UDP ports. Results are cached, so repeated requests are answered faster.

Constant Summary

SERVICES_DIRECTORIES = ["/etc/firewalld/services", "/usr/lib/firewalld/services"].freeze
IGNORED_SERVICES = ["..", "."].freeze

Constants inherited from SuSEFirewallServicesClass

Yast::SuSEFirewallServicesClass::DEFAULT_SERVICE, Yast::SuSEFirewallServicesClass::DEFINED_BY_PKG_PREFIX

Instance Method Summary

Methods inherited from SuSEFirewallServicesClass

#GetDescription, #GetFilenameFromServiceDefinedByPackage, #GetListOfServicesAddedByPackage, #GetMetadataAgent, #GetModified, #GetNeededIPProtocols, #GetNeededPortsAndProtocols, #GetNeededRPCPorts, #GetNeededTCPPorts, #GetNeededUDPPorts, #GetSupportedServices, #IsKnownService, #ResetModified, #ServiceDefinedByPackage, #all_services

Constructor Details

#initialize ⇒ SuSEFirewalldServicesClass

Returns a new instance of SuSEFirewalldServicesClass.



# File 'library/network/src/lib/network/susefirewalldservices.rb', line 37

def initialize
  super

  textdomain "base"

  @services = nil

  @known_services_features = {
    "TCP"     => "tcp_ports",
    "UDP"     => "udp_ports",
    "IP"      => "ip_protocols",
    "MODULES" => "modules"
  }

  @known_metadata = { "Name" => "name", "Description" => "description" }

  # firewall needs restarting. Always false for firewalld
  @sfws_modified = false
end

Instance Method Details

#ReadServicesDefinedByRPMPackages ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

Contrary to SF2, we do not read the full service details here, since that would mean issuing 5-6 API calls for every service file, which would take a lot of time for no particular reason. We will read the full service information, if needed, in the service_details method.

Reads services that can be used in FirewallD

Returns:

  • (Boolean)

    if successful



# File 'library/network/src/lib/network/susefirewalldservices.rb', line 65

def ReadServicesDefinedByRPMPackages
  log.info "Reading FirewallD services from #{SERVICES_DIRECTORIES.join(" and ")}"

  @services ||= {}

  return true unless SuSEFirewall.SuSEFirewallIsInstalled()

  SuSEFirewall.api.services.each do |service_name|
    # Init everything
    @services[service_name] = {}
    @known_services_features.merge(@known_metadata).each_value do |param|
      # Set a good name for our service until we read its information
      @services[service_name][param] = case param
      when "description"
        # We intentionally don't call the API here. We will use it as a
        # flag to populate the full service details later on.
        default_service_description(service_name)
      when "name"
        # We have to call the API here because there are callers which
        # expect to at least provide a sensible service name without
        # worrying for the full service details. This is going to be
        # expensive though since the cost of calling --get-short grows
        # linearly with the number of available services :-(
        SuSEFirewall.api.service_short(service_name)
      else
        []
      end
    end
  end

  # Return an explicit Boolean, as documented, rather than the result of #each
  true
end

#service_details(service_name, silent = false) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

Since we do not do full service population in ReadServicesDefinedByRPMPackages, we have to do it here, but only if the service hasn't been populated before. The way we determine whether the service has been populated is to look at the "description" key.

Returns the service definition. See @services for the format. If silent is not given or is set to false, the function raises a SuSEFirewalServiceNotFound exception when the service is not found on disk.

Parameters:

  • service_name (String)

    name that may include the "service:" prefix

  • silent (String) (defaults to: false)

    whether to silently return nil when service is not found



# File 'library/network/src/lib/network/susefirewalldservices.rb', line 110

def service_details(service_name, silent = false)
  # Drop service: if needed
  service_name = service_name.partition(":")[2] if service_name.include?("service:")
  # If service description is the default one then we know that we haven't read the service
  # information just yet. Let's do it now
  populate_service(service_name) if all_services.fetch(service_name, {})["description"] ==
    default_service_description(service_name)
  # Look the service up after the prefix has been dropped and the details populated,
  # so that a "service:"-prefixed name resolves to the same entry
  service = all_services[service_name]
  if service.nil? && !silent
    log.error "Unknown service '#{service_name}'"
    log.info "Known services: #{all_services.keys}"

    raise(
      SuSEFirewalServiceNotFound,
      format(_("Service with name '%{service_name}' does not exist"), service_name: service_name)
    )
  end

  service
end
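
The lazy population that the notes on ReadServicesDefinedByRPMPackages and service_details describe, as an added example that is not YaST's own code: a cheap enumeration pass stores a placeholder description, and the expensive detail read happens once, on first request. FakeFirewalldApi, LazyServiceCache, ServiceNotFound and the sample service definitions are all constructed for illustration.

```ruby
# Constructed stand-in for the firewalld API; counts the expensive detail reads.
class FakeFirewalldApi
  DEFS = { # constructed sample definitions
    "ssh" => { "description" => "Secure Shell", "tcp_ports" => ["22"] },
    "dns" => { "description" => "Domain Name System", "tcp_ports" => ["53"], "udp_ports" => ["53"] }
  }.freeze
  attr_reader :detail_calls

  def initialize
    @detail_calls = 0
  end

  def services
    DEFS.keys
  end

  def details(name)
    @detail_calls += 1
    DEFS.fetch(name)
  end
end

class ServiceNotFound < StandardError; end

# Hypothetical cache: cheap enumeration up front, full details on first request.
class LazyServiceCache
  def initialize(api)
    @api = api
    @services = api.services.each_with_object({}) do |name, all|
      # The placeholder description doubles as the "not populated yet" flag.
      all[name] = { "description" => placeholder(name), "tcp_ports" => [], "udp_ports" => [] }
    end
  end

  def placeholder(name)
    "unpopulated:#{name}"
  end

  def service_details(name, silent = false)
    name = name.partition(":")[2] if name.start_with?("service:")
    entry = @services[name]
    if entry.nil?
      raise ServiceNotFound, "Service '#{name}' does not exist" unless silent
      return nil
    end
    entry.merge!(@api.details(name)) if entry["description"] == placeholder(name)
    entry
  end
end
```

A service whose real description happened to equal the placeholder would be re-read on every call, which is the cost of using a data field as the population flag.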

#SetModified ⇒ Object

Sets that configuration was modified



# File 'library/network/src/lib/network/susefirewalldservices.rb', line 132

def SetModified
  @sfws_modified = true

  nil
end