class Inspec::Resources::WindowsFirewallRule
Public Class Methods
new(name)
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 17 def initialize(name) @name = name @state = {} query = load_firewall_state(name) cmd = inspec.powershell(query) @state = JSON.load(cmd.stdout) unless cmd.stdout.empty? end
Public Instance Methods
allowed?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 38 def allowed? @state["action"] == "Allow" end
enabled?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 34 def enabled? @state["enabled"] end
exist?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 30 def exist? !@state.empty? end
icmp?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 58 def icmp? @state["protocol"].start_with? "ICMP" end
icmpv4?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 62 def icmpv4? @state["protocol"] == "ICMPv4" end
icmpv6?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 66 def icmpv6? @state["protocol"] == "ICMPv6" end
inbound?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 42 def inbound? @state["direction"] == "Inbound" end
method_missing(method_name, *arguments, &_block)
click to toggle source
Access to return values from Powershell
via `its(“PROPERTY”)` and `have_PROPERTY? “VALUE”`
# File lib/inspec/resources/windows_firewall_rule.rb, line 71 def method_missing(method_name, *arguments, &_block) property = normalize_for_have_access(method_name) if method_name.to_s.start_with? "has_" expected_value = arguments.first respond_to_have(property, expected_value) else access_property(property) end end
outbound?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 46 def outbound? ! inbound? end
respond_to_missing?(method_name, _include_private = false)
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 82 def respond_to_missing?(method_name, _include_private = false) property = normalize_for_have_access(method_name) @state.key? property end
tcp?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 50 def tcp? @state["protocol"] == "TCP" end
to_s()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 26 def to_s "Windows Firewall Rule #{@name}" end
udp?()
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 54 def udp? @state["protocol"] == "UDP" end
Private Instance Methods
access_property(property)
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 96 def access_property(property) @state[property] end
load_firewall_state(rule_name)
click to toggle source
Taken from Chef, but changed `firewall_action` to `action` for consistency @see github.com/chef/chef/blob/master/lib/chef/resource/windows_firewall_rule.rb
# File lib/inspec/resources/windows_firewall_rule.rb, line 106 def load_firewall_state(rule_name) <<-EOH Get-TypeData -TypeName System.Array | Remove-TypeData # workaround for PS bug here: https://bit.ly/2SRMQ8M $rule = Get-NetFirewallRule -Name "#{rule_name}" $addressFilter = $rule | Get-NetFirewallAddressFilter $portFilter = $rule | Get-NetFirewallPortFilter $applicationFilter = $rule | Get-NetFirewallApplicationFilter $serviceFilter = $rule | Get-NetFirewallServiceFilter $interfaceTypeFilter = $rule | Get-NetFirewallInterfaceTypeFilter ([PSCustomObject]@{ rule_name = $rule.Name description = $rule.Description displayname = $rule.DisplayName group = $rule.Group local_address = $addressFilter.LocalAddress local_port = $portFilter.LocalPort remote_address = $addressFilter.RemoteAddress remote_port = $portFilter.RemotePort direction = $rule.Direction.ToString() protocol = $portFilter.Protocol icmp_type = $portFilter.IcmpType action = $rule.Action.ToString() profile = $rule.Profile.ToString() program = $applicationFilter.Program service = $serviceFilter.Service interface_type = $interfaceTypeFilter.InterfaceType.ToString() enabled = [bool]::Parse($rule.Enabled.ToString()) }) | ConvertTo-Json EOH end
normalize_for_have_access(property)
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 90 def normalize_for_have_access(property) property.to_s .delete_prefix("has_") .delete_suffix("?") end
respond_to_have(property, value)
click to toggle source
# File lib/inspec/resources/windows_firewall_rule.rb, line 100 def respond_to_have(property, value) @state[property] == value end