In Files
- drb/acl.rb
Class/Module Index
![[+]](./images/find.png "show/hide quicksearch")
- ACL
- ACL::ACLEntry
- ACL::ACLList
- DRb
- DRb::DRbArray
- DRb::DRbBadScheme
- DRb::DRbBadURI
- DRb::DRbConn
- DRb::DRbConnError
- DRb::DRbError
- DRb::DRbIdConv
- DRb::DRbIdConv
- DRb::DRbMessage
- DRb::DRbObject
- DRb::DRbObject
- DRb::DRbObservable
- DRb::DRbProtocol
- DRb::DRbRemoteError
- DRb::DRbSSLSocket
- DRb::DRbSSLSocket::SSLConfig
- DRb::DRbServerNotFound
- DRb::DRbTCPSocket
- DRb::DRbUNIXSocket
- DRb::DRbUndumped
- DRb::DRbUndumped
- DRb::DRbUnknown
- DRb::DRbUnknownError
- DRb::ExtServ
- DRb::ExtServManager
- DRb::GW
- DRb::GWIdConv
- DRb::TimerIdConv
- DRb::TimerIdConv::TimerHolder2
- DRb::TimerIdConv::TimerHolder2::InvalidIndexError
- Object
ACL
Simple Access Control Lists.
Access control lists are composed of “allow” and “deny” halves to control access. Use “all” or “*” to match any address. To match a specific address use any address or address mask that IPAddr can understand.
Example:
list = %w[ deny all allow 192.168.1.1 allow ::ffff:192.168.1.2 allow 192.168.1.3 ] # From Socket#peeraddr, see also ACL#allow_socket? addr = ["AF_INET", 10, "lc630", "192.168.1.3"] acl = ACL.new p acl.allow_addr?(addr) # => true acl = ACL.new(list, ACL::DENY_ALLOW) p acl.allow_addr?(addr) # => true
Constants
- ALLOW_DENY
Default to allow
- DENY_ALLOW
Default to deny
- VERSION
The current version of
ACL
Public Class Methods
new(list=nil, order = DENY_ALLOW)
click to toggle source
Creates a new ACL from list with an evaluation order of DENY_ALLOW or ALLOW_DENY.
An ACL list is an Array of “allow” or “deny” and an address or address mask or “all” or “*” to match any address:
%w[
deny all
allow 192.0.2.2
allow 192.0.2.128/26
]
# File drb/acl.rb, line 173
def initialize(list=nil, order = DENY_ALLOW)
@order = order
@deny = ACLList.new
@allow = ACLList.new
install_list(list) if list
end
Public Instance Methods
allow_addr?(addr)
click to toggle source
Allow connections from addrinfo addr? It must be formatted like Socket#peeraddr:
["AF_INET", 10, "lc630", "192.0.2.1"]
# File drb/acl.rb, line 197
def allow_addr?(addr)
case @order
when DENY_ALLOW
return true if @allow.match(addr)
return false if @deny.match(addr)
return true
when ALLOW_DENY
return false if @deny.match(addr)
return true if @allow.match(addr)
return false
else
false
end
end
allow_socket?(soc)
click to toggle source
Allow connections from Socket soc?
# File drb/acl.rb, line 185
def allow_socket?(soc)
allow_addr?(soc.peeraddr)
end