class Chef::Resource::WindowsFirewallRule

Public Instance Methods

firewall_command(cmdlet_type) click to toggle source

build the command to create a firewall rule based on new_resource values @return [String] firewall create command

# File lib/chef/resource/windows_firewall_rule.rb, line 150
def firewall_command(cmdlet_type)
  cmd = "#{cmdlet_type}-NetFirewallRule -Name '#{new_resource.rule_name}'"
  cmd << " -DisplayName '#{new_resource.rule_name}'" if cmdlet_type == "New"
  cmd << " -Description '#{new_resource.description}'" if new_resource.description
  cmd << " -LocalAddress '#{new_resource.local_address}'" if new_resource.local_address
  cmd << " -LocalPort #{new_resource.local_port.join(',')}" if new_resource.local_port
  cmd << " -RemoteAddress '#{new_resource.remote_address}'" if new_resource.remote_address
  cmd << " -RemotePort #{new_resource.remote_port.join(',')}" if new_resource.remote_port
  cmd << " -Direction '#{new_resource.direction}'" if new_resource.direction
  cmd << " -Protocol '#{new_resource.protocol}'" if new_resource.protocol
  cmd << " -Action '#{new_resource.firewall_action}'" if new_resource.firewall_action
  cmd << " -Profile '#{new_resource.profile}'" if new_resource.profile
  cmd << " -Program '#{new_resource.program}'" if new_resource.program
  cmd << " -Service '#{new_resource.service}'" if new_resource.service
  cmd << " -InterfaceType '#{new_resource.interface_type}'" if new_resource.interface_type
  cmd << " -Enabled '#{new_resource.enabled}'"

  cmd
end

Private Instance Methods

load_firewall_state(rule_name) click to toggle source

build the command to load the current resource # @return [String] current firewall state

# File lib/chef/resource/windows_firewall_rule.rb, line 175
      def load_firewall_state(rule_name)
        <<-EOH
          Remove-TypeData System.Array # workaround for PS bug here: https://bit.ly/2SRMQ8M
          $rule = Get-NetFirewallRule -Name '#{rule_name}'
          $addressFilter = $rule | Get-NetFirewallAddressFilter
          $portFilter = $rule | Get-NetFirewallPortFilter
          $applicationFilter = $rule | Get-NetFirewallApplicationFilter
          $serviceFilter = $rule | Get-NetFirewallServiceFilter
          $interfaceTypeFilter = $rule | Get-NetFirewallInterfaceTypeFilter
          ([PSCustomObject]@{
            rule_name = $rule.Name
            description = $rule.Description
            local_address = $addressFilter.LocalAddress
            local_port = $portFilter.LocalPort
            remote_address = $addressFilter.RemoteAddress
            remote_port = $portFilter.RemotePort
            direction = $rule.Direction.ToString()
            protocol = $portFilter.Protocol
            firewall_action = $rule.Action.ToString()
            profile = $rule.Profile.ToString()
            program = $applicationFilter.Program
            service = $serviceFilter.Service
            interface_type = $interfaceTypeFilter.InterfaceType.ToString()
            enabled = [bool]::Parse($rule.Enabled.ToString())
          }) | ConvertTo-Json
        EOH
      end