Class: Yast::SuSEFirewalldServicesClass
- Inherits:
-
SuSEFirewallServicesClass
- Object
- Module
- SuSEFirewallServicesClass
- Yast::SuSEFirewalldServicesClass
- Includes:
- Logger
- Defined in:
- library/network/src/lib/network/susefirewalldservices.rb
Overview
Global Definition of Firewall Services Defined using TCP, UDP and RPC ports and IP protocols and Broadcast UDP ports. Results are cached, so repeating requests are answered faster.
Constant Summary collapse
- SERVICES_DIRECTORIES =
["/etc/firewalld/services", "/usr/lib/firewalld/services"].freeze
- IGNORED_SERVICES =
["..", "."].freeze
Constants inherited from SuSEFirewallServicesClass
Yast::SuSEFirewallServicesClass::DEFAULT_SERVICE, Yast::SuSEFirewallServicesClass::DEFINED_BY_PKG_PREFIX
Instance Method Summary collapse
-
#initialize ⇒ SuSEFirewalldServicesClass
constructor
A new instance of SuSEFirewalldServicesClass.
-
#ReadServicesDefinedByRPMPackages ⇒ Boolean
private
Reads services that can be used in FirewallD.
-
#service_details(service_name, silent = false) ⇒ Object
private
Returns service definition.
-
#SetModified ⇒ Object
Sets that configuration was modified.
Methods inherited from SuSEFirewallServicesClass
#GetDescription, #GetFilenameFromServiceDefinedByPackage, #GetListOfServicesAddedByPackage, #GetMetadataAgent, #GetModified, #GetNeededIPProtocols, #GetNeededPortsAndProtocols, #GetNeededRPCPorts, #GetNeededTCPPorts, #GetNeededUDPPorts, #GetSupportedServices, #IsKnownService, #ResetModified, #ServiceDefinedByPackage, #all_services
Constructor Details
#initialize ⇒ SuSEFirewalldServicesClass
Returns a new instance of SuSEFirewalldServicesClass.
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 37 def initialize super textdomain "base" @services = nil @known_services_features = { "TCP" => "tcp_ports", "UDP" => "udp_ports", "IP" => "ip_protocols", "MODULES" => "modules" } @known_metadata = { "Name" => "name", "Description" => "description" } # firewall needs restarting. Always false for firewalld @sfws_modified = false end |
Instance Method Details
#ReadServicesDefinedByRPMPackages ⇒ Boolean
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Contrary to SF2 we do not read the full service details here
since that would mean to issue 5-6 API calls for every service
file which will take a lot of time for no particular reason.
We will read the full service information if needed in the
service_details method.
Reads services that can be used in FirewallD
65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 |
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 65 def ReadServicesDefinedByRPMPackages log.info "Reading FirewallD services from #{SERVICES_DIRECTORIES.join(" and ")}" @services ||= {} return true unless SuSEFirewall.SuSEFirewallIsInstalled() SuSEFirewall.api.services.each do |service_name| # Init everything @services[service_name] = {} @known_services_features.merge(@known_metadata).each_value do |param| # Set a good name for our service until we read its information @services[service_name][param] = case param when "description" # We intentionally don't call the API here. We will use it as a # flag to populate the full service details later on. default_service_description(service_name) when "name" # We have to call the API here because there are callers which # expect to at least provide a sensible service name without # worrying for the full service details. This is going to be # expensive though since the cost of calling --get-short grows # linearly with the number of available services :-( SuSEFirewall.api.service_short(service_name) else [] end end end end |
#service_details(service_name, silent = false) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Since we do not do full service population in ReadServicesDefinedByRPMPackages
we have to do it here but only if the service hasn't been populated
before. The way we determine if the service has been populated or not
is to look at the "description" key.
Returns service definition.
See @services for the format.
If silent
is not defined or set to true
, function throws an exception
SuSEFirewalServiceNotFound if service is not found on disk.
110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 |
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 110 def service_details(service_name, silent = false) service = all_services[service_name] # Drop service: if needed service_name = service_name.partition(":")[2] if service_name.include?("service:") # If service description is the default one then we know that we haven't read the service # information just yet. Lets do it now populate_service(service_name) if all_services.fetch(service_name, {})["description"] == default_service_description(service_name) if service.nil? && !silent log.error "Uknown service '#{service_name}'" log.info "Known services: #{all_services.keys}" raise( SuSEFirewalServiceNotFound, format(_("Service with name '%{service_name}' does not exist"), service_name: service_name) ) end service end |
#SetModified ⇒ Object
Sets that configuration was modified
132 133 134 135 136 |
# File 'library/network/src/lib/network/susefirewalldservices.rb', line 132 def SetModified @sfws_modified = true nil end |