Sha256: 067d60dc595e157cd3c095e8c60cef0c246805aa4c70f7af34eec6ee33f98141

Contents?: true

Size: 1.17 KB

Versions: 2

Compression:

Stored size: 1.17 KB

Contents

# -*- coding: utf-8 -*-

module Dcmgr
  module VNet
    module Tasks

      # Netfilter task that adds ACCEPT rules for UDP traffic addressed to
      # Wakame's DNS server (the configured IP and port).
      #
      # NOTE(review): despite the name, this task only appends ACCEPT rules.
      # The DROP rules that would make it "DNS only" are commented out in the
      # constructor, so the restriction holds only if something outside this
      # file denies the remaining traffic to the DNS server -- confirm.
      class AcceptWakameDNSOnly < Task
        include Dcmgr::VNet::Netfilter
        #TODO: allow ARP traffic to DNS server
        attr_reader :dns_server_ip, :dns_server_port

        # Stores the DNS server address and appends two UDP ACCEPT rules
        # (one tagged :outgoing, one tagged :incoming) to this task's rules.
        #
        # @param dns_server_ip   value placed after "-d" in the rule text
        # @param dns_server_port value placed after "--dport" (default "53")
        #
        # NOTE(review): both values are interpolated into the rule text
        # unchecked. If they can originate from tenant- or API-supplied data,
        # validate them upstream (IP literal, integer port in 1..65535) so
        # that nothing else can end up in the rule -- confirm the source.
        def initialize(dns_server_ip, dns_server_port = "53")
          super()

          @dns_server_ip = dns_server_ip
          @dns_server_port = dns_server_port

          # Same match text for both directions, as in the original.
          # NOTE(review): the :incoming rule still matches on destination
          # ("-d"/"--dport"); replies coming back from the DNS server would
          # carry its address and port as source instead. Presumably replies
          # are accepted by rules defined elsewhere -- verify.
          # Only UDP is matched here; DNS over TCP is not covered by this task.
          [:outgoing, :incoming].each do |direction|
            dns_match = "-p udp -d #{self.dns_server_ip} --dport #{self.dns_server_port} -j ACCEPT"
            self.rules << IptablesRule.new(:filter, :forward, :udp, direction, dns_match)
          end

          # Disabled: drop any non DNS traffic to the DNS server. While this
          # stays commented out, the task itself blocks nothing.
          #[:udp,:tcp,:icmp].each { |protocol|
            #self.rules << IptablesRule.new(:filter,:forward,protocol,:outgoing,"-d #{self.dns_server_ip} -p #{protocol} -j DROP")
          #}
        end
      end

    end
  end
end

Version data entries

2 entries across 2 versions & 2 rubygems

Version Path
wakame-vdc-agents-11.12.0 lib/dcmgr/vnet/tasks/accept_wakame_dns_only.rb
wakame-vdc-dcmgr-11.12.0 lib/dcmgr/vnet/tasks/accept_wakame_dns_only.rb