Update cookbooks and add wordpress cookbook

cookbooks/firewall/libraries/resource_firewall_rule.rb

@@ -1,36 +1,53 @@
-require 'poise'
+require 'ipaddr'
 
 class Chef
-  class Resource::FirewallRule < Resource
-    include Poise(Chef::Resource::Firewall)
+  class Resource::FirewallRule < Chef::Resource::LWRPBase
+    include FirewallCookbook::Helpers
 
-    actions(:reject, :allow, :deny, :masquerade, :redirect, :log, :remove)
+    resource_name(:firewall_rule)
+    provides(:firewall_rule)
+    actions(:create)
+    default_action(:create)
 
-    attribute(:protocol, :kind_of => [Symbol, String], :equal_to => [:udp, :tcp, :icmp, 'tcp', 'udp', 'icmp'], :default => :tcp)
-    attribute(:direction, :kind_of => [Symbol, String], :equal_to => [:in, :out, :pre, :post, 'in', 'out', 'pre', 'post'], :default => :in)
-    attribute(:logging, :kind_of => [Symbol, String], :equal_to => [:connections, :packets, 'connections', 'packets'])
+    attribute(:firewall_name, kind_of: String, default: 'default')
 
-    attribute(:source, :callbacks => { 'must be a valid ip address' => ->(s) { valid_ip?(s) } })
-    attribute(:source_port, :kind_of => [Integer, Array, Range]) # source port
-    attribute(:interface, :kind_of => String)
+    attribute(:command, kind_of: Symbol, equal_to: [:reject, :allow, :deny, :masquerade, :redirect, :log], default: :allow)
 
-    attribute(:port, :kind_of => [Integer, Array, Range]) # shorthand for dest_port
-    attribute(:destination, :callbacks => { 'must be a valid ip address' => ->(s) { valid_ip?(s) } })
-    attribute(:dest_port, :kind_of => [Integer, Array, Range])
-    attribute(:dest_interface, :kind_of => String)
+    attribute(:protocol, kind_of: [Integer, Symbol], default: :tcp,
+                         callbacks: { 'must be either :tcp, :udp, :icmp, :\'ipv6-icmp\', :icmpv6, :none, or a valid IP protocol number' => lambda do |p|
+                           !!(p.to_s =~ /(udp|tcp|icmp|icmpv6|ipv6-icmp|none)/ || (p.to_s =~ /^\d+$/ && p.between?(0, 142)))
+                         end
+      }
+             )
+    attribute(:direction, kind_of: Symbol, equal_to: [:in, :out, :pre, :post], default: :in)
+    attribute(:logging, kind_of: Symbol, equal_to: [:connections, :packets])
 
-    attribute(:position, :kind_of => Integer)
-    attribute(:stateful, :kind_of => [Symbol, String, Array])
-    attribute(:redirect_port, :kind_of => Integer)
-    attribute(:description, :kind_of => String, :name_attribute => true)
+    attribute(:source, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } })
+    attribute(:source_port, kind_of: [Integer, Array, Range]) # source port
+    attribute(:interface, kind_of: String)
+
+    attribute(:port, kind_of: [Integer, Array, Range]) # shorthand for dest_port
+    attribute(:destination, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } })
+    attribute(:dest_port, kind_of: [Integer, Array, Range])
+    attribute(:dest_interface, kind_of: String)
+
+    attribute(:position, kind_of: Integer, default: 50)
+    attribute(:stateful, kind_of: [Symbol, Array])
+    attribute(:redirect_port, kind_of: Integer)
+    attribute(:description, kind_of: String, name_attribute: true)
+
+    # only used for firewalld
+    attribute(:permanent, kind_of: [TrueClass, FalseClass], default: false)
+
+    # only used for Windows Firewalls
+    attribute(:program, kind_of: String)
+    attribute(:service, kind_of: String)
 
     # for when you just want to pass a raw rule
-    attribute(:raw, :kind_of => String)
+    attribute(:raw, kind_of: String)
 
-    def self.valid_ip?(ip)
-      IPAddr.new(ip) ? true : false
-    rescue
-      false
-    end
+    # do you want this rule to notify the firewall to recalculate
+    # (and potentially reapply) the firewall_rule(s) it finds?
+    attribute(:notify_firewall, kind_of: [TrueClass, FalseClass], default: true)
   end
 end