github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/nodeagent/firewall/centos/current.go

github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/nodeagent/firewall/centos/current.go (about)

     1  package centos
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/caos/orbos/mntr"
     7  	"gopkg.in/yaml.v3"
     8  )
     9  
    10  type commaSeparatedStrings struct {
    11  	slice []string
    12  }
    13  
    14  func (c *commaSeparatedStrings) UnmarshalYAML(node *yaml.Node) error {
    15  
    16  	var str string
    17  
    18  	if err := node.Decode(&str); err != nil {
    19  		return err
    20  	}
    21  
    22  	c.slice = strings.Fields(str)
    23  	return nil
    24  }
    25  
    26  type Zone struct {
    27  	Target     string
    28  	Interfaces commaSeparatedStrings
    29  	Sources    commaSeparatedStrings
    30  	Ports      commaSeparatedStrings
    31  	Protocols  commaSeparatedStrings
    32  	Masquerade bool
    33  }
    34  
    35  func queryCurrentFirewall(monitor mntr.Monitor) (map[string]Zone, error) {
    36  
    37  	allZones, err := runFirewallCommand(monitor, "--list-all-zones")
    38  	if err != nil {
    39  		return nil, err
    40  	}
    41  
    42  	zoneStrings := strings.Split(allZones, "\t\n\n")
    43  
    44  	zones := make(map[string]Zone)
    45  	for _, zoneString := range zoneStrings {
    46  		firstLineIdx := strings.Index(zoneString, "\n")
    47  		zoneName := strings.Fields(zoneString[:firstLineIdx])[0]
    48  		zone := Zone{}
    49  
    50  		prunedZone := strings.ReplaceAll(zoneString[firstLineIdx:], "\t", "")
    51  		prunedZone = strings.ReplaceAll(prunedZone, "%%REJECT%%", `"%%REJECT%%"`)
    52  		if err := yaml.Unmarshal([]byte(prunedZone), &zone); err != nil {
    53  			panic(err)
    54  		}
    55  		zones[zoneName] = zone
    56  	}
    57  	return zones, err
    58  }