Sha256: 2d8180a15418dbb4de85357a921ee6c9a618f39d359a7c56987c794e2e5902fe

Contents?: true

Size: 1.18 KB

Versions: 2

Compression:

Stored size: 1.18 KB

Contents

# -*- coding: utf-8 -*-

module Dcmgr
  module VNet
    module Tasks

      # Netfilter task that limits DHCP traffic to wakame's own DHCP server.
      #
      # The constructor appends these rules to the task, in this order:
      #   1. DROP   - UDP tagged :incoming whose source is NOT the DHCP server
      #               and whose source port lies in fport:tport
      #   2. ACCEPT - UDP tagged :incoming from the DHCP server, same port range
      #   3. DROP   - udp, tcp and icmp tagged :outgoing whose destination is
      #               the DHCP server (one rule per protocol)
      #
      # NOTE(review): dhcp_server_ip, fport and tport are interpolated into the
      # rule text exactly as given; nothing here validates them. Callers should
      # pass a checked IP address and integer ports, because any extra text in
      # these values becomes part of the rule.
      class AcceptWakameDHCPOnly < Task
        include Dcmgr::VNet::Netfilter
        # TODO: allow ARP traffic to DHCP server
        attr_reader :dhcp_server_ip

        # dhcp_server_ip - address of the only DHCP server guests may talk to
        # fport, tport   - lower and upper bound of the source-port range; in
        #                  iptables "--sport a:b" is a range, so the defaults
        #                  match source ports 67 through 68
        def initialize(dhcp_server_ip, fport = 67, tport = 68)
          super()

          @dhcp_server_ip = dhcp_server_ip
          server = self.dhcp_server_ip
          sport_range = "#{fport}:#{tport}"

          # Replies in the DHCP port range from any other host are dropped.
          rogue_reply = "-p udp ! -s #{server} --sport #{sport_range} -j DROP"
          self.rules << IptablesRule.new(:filter, :forward, :udp, :incoming, rogue_reply)

          # Replies in the DHCP port range from our own server are let through.
          trusted_reply = "-p udp -s #{server} --sport #{sport_range} -j ACCEPT"
          self.rules << IptablesRule.new(:filter, :forward, :udp, :incoming, trusted_reply)

          # Everything else addressed to the DHCP server is dropped.
          # NOTE(review): these rules carry no port exclusion, so they match all
          # udp/tcp/icmp sent to the server; presumably DHCP requests are
          # accepted by a rule defined elsewhere or travel as broadcast - confirm.
          [:udp, :tcp, :icmp].each do |proto|
            to_server = "-d #{server} -p #{proto} -j DROP"
            self.rules << IptablesRule.new(:filter, :forward, proto, :outgoing, to_server)
          end
        end
      end

    end
  end
end

Version data entries

2 entries across 2 versions & 2 rubygems

Version Path
wakame-vdc-agents-11.12.0 lib/dcmgr/vnet/tasks/accept_wakame_dhcp_only.rb
wakame-vdc-dcmgr-11.12.0 lib/dcmgr/vnet/tasks/accept_wakame_dhcp_only.rb