1.0.1 • Published 3 years ago

iptabler-smart v1.0.1

License: ISC

iptabler-smart

A wrapper for the iptabler module with some useful functionality.

The main thing this module offers is the ability to only apply rules that aren't already applied. Currently iptabler will raise a signal and cause your program to terminate if you apply a rule that already exists. This module's applyRuleSafely() method will check against existing firewall rules and only create the rule if it doesn't already exist.

Usage

// Assumes the package's export is the wrapper class
const iptabler = require('iptabler-smart');
const fw = new iptabler();

const createMyChain = {
    sudo: true,
    table: 'nat',
    new_chain: 'MYCHAIN'
};


fw.applyRuleSafely(createMyChain).then(() => {

    // Apply the rule safely, fetching existing rules first
    return fw.applyRuleSafely(createMyChain);

}).then(() => {

    // Applying the same rule again. This time it won't be applied since it is already present.
    return fw.applyRuleSafely(createMyChain);

}).then(() => {

    // Apply the rule safely, without first fetching existing rules
    return fw.applyRuleSafely({
        sudo: true,
        table: 'nat',
        new_chain: 'MYCHAIN2'
    }, false);

}).then(() => {

    // For a 'templated' rule, use a string replacement map
    return fw.applyRuleSafely({
        sudo: true,
        table: 'nat',
        append: 'MYCHAIN2',
        source: 'GATEWAY_IP',
        in_interface: 'WAN',
        jump: 'RETURN'
    }, false, {
        GATEWAY_IP: '192.168.1.1',
        WAN: 'eth0'
    });
    /*
     * This rule gets transformed:
     * GATEWAY_IP => 192.168.1.1
     * WAN => eth0
     */

}).then(() => {

    let newChainRules = [
        {
            sudo: true,
            table: 'nat',
            append: 'POSTROUTING',
            jump: 'MYCHAIN'
        },
        {
            sudo: true,
            table: 'nat',
            append: 'MYCHAIN',
            out_interface: 'cni0',
            jump: 'MASQUERADE'
        }
    ];

    /*
     * Apply the array of rules. Fetches existing rules at the beginning,
     * and then applies the rules after.
     */
    return fw.applyRulesSafely(newChainRules);

}).then(() => {

    // Fetch all the rules manually so they will be up-to-date for next time
    return fw.getAllRules();

}).then(() => {
    console.log('done');
});

Methods

| Method name | Parameters | Function |
| --- | --- | --- |
| getAllRules | None | Fetches existing rules so we know what has been applied |
| applyRuleSafely | rule - iptabler rule; updateCurrent - call getAllRules before running this rule (default: true); replacements - optional key:value map of string replacements | Apply rule only if it hasn't been applied already |
| applyRulesSafely | rules - array of iptabler rules; replacements - optional key:value map of string replacements | Calls applyRuleSafely for each rule in the array, only calling getAllRules at the beginning |
| applyRule | rule - iptabler rule; replacements - optional key:value map of string replacements | Simply execs iptabler rule without checking (unsafe) |
| applyRules | rules - array of iptabler rules; replacements - optional key:value map of string replacements | Calls applyRule on all rules in the array (unsafe) |
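
The check-before-apply and replacement-map behaviour described above, sketched as an added example that is not iptabler-smart's own code: it expands a templated rule, validates the substituted values, and compares the result against a fetched rule listing so only missing rules are applied. The flag mapping, the validation pattern, the whole-value placeholder substitution and the sample `iptables -S` listing are assumptions made for illustration; the page does not show how the module does any of this.

```javascript
// Added example, not iptabler-smart's code. Flag mapping and sample listing are constructed.
const FLAGS = [['append', '-A'], ['source', '-s'], ['in_interface', '-i'],
  ['out_interface', '-o'], ['jump', '-j']]; // in the order `iptables -S` prints them
const SAFE_VALUE = /^[A-Za-z0-9_.:\/-]+$/; // rejects spaces, quotes, shell metacharacters

// Swap whole-value placeholders (e.g. 'GATEWAY_IP') and validate every string value.
function expandRule(rule, replacements = {}) {
  const out = {};
  for (const [key, value] of Object.entries(rule)) {
    const known = Object.prototype.hasOwnProperty.call(replacements, value);
    const v = known ? replacements[value] : value;
    if (typeof v === 'string' && !SAFE_VALUE.test(v)) throw new Error(`unsafe value for ${key}`);
    out[key] = v;
  }
  return out;
}

// Render an append rule the way `iptables -t <table> -S` lists it.
function toSpec(rule) {
  const parts = [];
  for (const [key, flag] of FLAGS) {
    let v = rule[key];
    if (v === undefined) continue;
    if (key === 'source' && /^\d+(\.\d+){3}$/.test(v)) v += '/32'; // listed with a /32 suffix
    parts.push(flag, v);
  }
  return parts.join(' ');
}

// Return the specs still missing from one fetched listing.
function planRules(rules, listing, replacements) {
  const present = new Set(listing.split('\n').map((l) => l.trim()).filter(Boolean));
  const missing = [];
  for (const rule of rules) {
    const spec = toSpec(expandRule(rule, replacements));
    if (present.has(spec)) continue; // already applied
    present.add(spec); // also dedupes within the batch
    missing.push(spec);
  }
  return missing;
}

const SAMPLE_LISTING = [ // constructed `iptables -t nat -S` output
  '-P POSTROUTING ACCEPT', '-N MYCHAIN', '-N MYCHAIN2',
  '-A POSTROUTING -j MYCHAIN', '-A MYCHAIN2 -s 192.168.1.1/32 -i eth0 -j RETURN'].join('\n');
const PAGE_RULES = [ // the append rules from the usage section
  { append: 'POSTROUTING', jump: 'MYCHAIN' },
  { append: 'MYCHAIN', out_interface: 'cni0', jump: 'MASQUERADE' },
  { append: 'MYCHAIN2', source: 'GATEWAY_IP', in_interface: 'WAN', jump: 'RETURN' }];
console.log(planRules(PAGE_RULES, SAMPLE_LISTING, { GATEWAY_IP: '192.168.1.1', WAN: 'eth0' }));
```

Comparing against a listing fetched once is only as fresh as that fetch, which is the trade-off behind passing `false` for updateCurrent: a rule added by another process in between will not be seen.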