Adding firewall resource to windows cookbook.

2 files changed, 86 insertions, 0 deletions

diff --git a/providers/firewall.rb b/providers/firewall.rb
new file mode 100644
index 0000000..5485ace
--- /dev/null
+++ b/providers/firewall.rb
@@ -0,0 +1,58 @@
+#
+# Cookbook Name:: windows
+# Provider:: firewall 
+# Author: Kendrick Martin
+#
+# Copyright 2011, Webtrends
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/mixin/shell_out'
+
+include Chef::Mixin::ShellOut
+include Windows::Helper
+
+action :open_port do
+	unless @current_portopening.exists
+		Chef::Log.debug("Opening Fireawll port  #{@new_resource.rule_name}")
+		cmd = "#{firewallcmd} set portopening protocol=#{@new_resource.protocol} "
+		cmd << "port=#{@new_resource.port} name=#{@new_resource.rule_name}"
+		shell_out!(cmd)
+		Chef::Log.info("#{@new_resource.rule_name} firewall port opened")
+	else
+		Chef::Log.info("#{@new_resource.rule_name} Port already open")
+	end
+end
+
+def load_current_resource
+	@current_portopening = Chef::Resource::WindowsFirewall.new(@new_resource.name)
+	@current_portopening.rule_name(@new_resource.rule_name)
+	cmd = shell_out("#{firewallcmd} show portopening")
+	Chef::Log.debug("#{@new_resource} show portopening command output: #{cmd.stdout}")
+	result = cmd.stdout.match(/^#{new_resource.port}\s*#{new_resource.protocol}.*#{new_resource.rule_name}/) if cmd.stderr.empty?
+  Chef::Log.debug("#{@new_resource} current_portopening match output: #{result}")
+  if result    
+    @current_portopening.exists = true  
+  else
+    @current_portopening.exists = false
+  end
+end
+
+private
+def firewallcmd
+  @firewall ||= begin
+    "netsh firewall"
+  end
+end
\ No newline at end of file
diff --git a/resources/firewall.rb b/resources/firewall.rb
new file mode 100644
index 0000000..abc052f
--- /dev/null
+++ b/resources/firewall.rb
@@ -0,0 +1,28 @@
+#
+# Cookbook Name:: windows
+# Provider:: firewall 
+# Author: Kendrick Martin
+#
+# Copyright 2011, Webtrends
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+actions :open_port
+
+attribute :rule_name, :kind_of => String, :name_attribute => true
+attribute :port, :kind_of => Integer
+attribute :protocol, :kind_of => String
+attr_accessor :exists
\ No newline at end of file