diff --git a/src/import/PFImporter.cpp b/src/import/PFImporter.cpp index 26f2afc44..6aaff2f19 100644 --- a/src/import/PFImporter.cpp +++ b/src/import/PFImporter.cpp @@ -291,10 +291,8 @@ void PFImporter::pushRule() void PFImporter::pushPolicyRule() { - if (current_ruleset == NULL) - { - newUnidirRuleSet("filter", libfwbuilder::Policy::TYPENAME ); - } + RuleSet *ruleset = RuleSet::cast( + getFirewallObject()->getFirstByType(Policy::TYPENAME)); assert(current_rule!=NULL); // populate all elements of the rule @@ -377,7 +375,8 @@ void PFImporter::pushPolicyRule() addLogging(); // then add it to the current ruleset - current_ruleset->ruleset->add(current_rule); + ruleset->add(current_rule); + addStandardImportComment( current_rule, QString::fromUtf8(rule_comment.c_str())); @@ -386,6 +385,14 @@ void PFImporter::pushPolicyRule() } +void PFImporter::pushNATRule() +{ + RuleSet *ruleset = RuleSet::cast( + getFirewallObject()->getFirstByType(NAT::TYPENAME)); + + assert(current_rule!=NULL); +} + Firewall* PFImporter::finalize() { // scan all UnidirectionalRuleSet objects, set interface and @@ -399,28 +406,40 @@ Firewall* PFImporter::finalize() { Firewall *fw = Firewall::cast(getFirewallObject()); - if (! discovered_platform.empty()) - { - QString pl = QString(discovered_platform.c_str()).toLower(); + // We can not "discover" host OS just by reading pf.conf file. + // Assume FreeBSD - fw->setStr("platform", pl.toStdString()); + fw->setStr("platform", "pf"); - string host_os = "openbsd"; + string host_os = "freebsd"; - if (! host_os.empty()) - { - fw->setStr("host_OS", host_os); - Resources::setDefaultTargetOptions(host_os , fw); - } + fw->setStr("host_OS", host_os); + Resources::setDefaultTargetOptions(host_os , fw); - string version = findBestVersionMatch( - pl, discovered_version.c_str()).toStdString(); + // We may be able to infer at least something about the version + // from the pf.conf file in the future. + string version = findBestVersionMatch( + "pf", discovered_version.c_str()).toStdString(); - if ( ! version.empty()) fw->setStr("version", version); - } + if ( ! version.empty()) fw->setStr("version", version); rearrangeVlanInterfaces(); + list l1 = fw->getByType(Policy::TYPENAME); + for (list::iterator i=l1.begin(); i!=l1.end(); ++i) + { + RuleSet *rs = RuleSet::cast(*i); + rs->renumberRules(); + } + + // Deal with NAT ruleset + list l2 = fw->getByType(NAT::TYPENAME); + for (list::iterator i=l2.begin(); i!=l2.end(); ++i) + { + RuleSet *rs = RuleSet::cast(*i); + rs->renumberRules(); + } + return fw; } else @@ -429,10 +448,6 @@ Firewall* PFImporter::finalize() } } -void PFImporter::pushNATRule() -{ -} - Interface* PFImporter::getInterfaceByName(const string &name) { map::iterator it; diff --git a/src/parsers/PFCfgLexer.cpp b/src/parsers/PFCfgLexer.cpp index c49f3e3c1..e8a8e8a61 100644 --- a/src/parsers/PFCfgLexer.cpp +++ b/src/parsers/PFCfgLexer.cpp @@ -1,4 +1,4 @@ -/* $ANTLR 2.7.7 (20090306): "pf.g" -> "PFCfgLexer.cpp"$ */ +/* $ANTLR 2.7.7 (20100319): "pf.g" -> "PFCfgLexer.cpp"$ */ #line 42 "pf.g" // gets inserted before the antlr generated includes in the cpp @@ -438,11 +438,11 @@ void PFCfgLexer::mLINE_COMMENT(bool _createToken) { } } else { - goto _loop152; + goto _loop151; } } - _loop152:; + _loop151:; } // ( ... )* mNEWLINE(false); if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) { @@ -474,7 +474,7 @@ void PFCfgLexer::mNEWLINE(bool _createToken) { } if ( inputState->guessing==0 ) { -#line 1010 "pf.g" +#line 1021 "pf.g" newline(); #line 480 "PFCfgLexer.cpp" } @@ -555,7 +555,7 @@ void PFCfgLexer::mWhitespace(bool _createToken) { } } if ( inputState->guessing==0 ) { -#line 1005 "pf.g" +#line 1016 "pf.g" _ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP; #line 561 "PFCfgLexer.cpp" } @@ -742,10 +742,10 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { _ttype = NUMBER_ADDRESS_OR_WORD; ANTLR_USE_NAMESPACE(std)string::size_type _saveIndex; - bool synPredMatched177 = false; + bool synPredMatched176 = false; if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (_tokenSet_2.member(LA(2))) && (_tokenSet_2.member(LA(3))))) { - int _m177 = mark(); - synPredMatched177 = true; + int _m176 = mark(); + synPredMatched176 = true; inputState->guessing++; try { { @@ -756,12 +756,12 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { } } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) { - synPredMatched177 = false; + synPredMatched176 = false; } - rewind(_m177); + rewind(_m176); inputState->guessing--; } - if ( synPredMatched177 ) { + if ( synPredMatched176 ) { { mNUM_3DIGIT(false); match('.' /* charlit */ ); @@ -772,99 +772,99 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { mNUM_3DIGIT(false); } if ( inputState->guessing==0 ) { -#line 1047 "pf.g" +#line 1058 "pf.g" _ttype = IPV4; #line 778 "PFCfgLexer.cpp" } } else { - bool synPredMatched184 = false; + bool synPredMatched183 = false; if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (_tokenSet_2.member(LA(2))) && (_tokenSet_2.member(LA(3))))) { - int _m184 = mark(); - synPredMatched184 = true; + int _m183 = mark(); + synPredMatched183 = true; inputState->guessing++; try { { { // ( ... )+ - int _cnt181=0; + int _cnt180=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mDIGIT(false); } else { - if ( _cnt181>=1 ) { goto _loop181; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt180>=1 ) { goto _loop180; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt181++; + _cnt180++; } - _loop181:; + _loop180:; } // ( ... )+ match('.' /* charlit */ ); { // ( ... )+ - int _cnt183=0; + int _cnt182=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mDIGIT(false); } else { - if ( _cnt183>=1 ) { goto _loop183; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt182>=1 ) { goto _loop182; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt183++; + _cnt182++; } - _loop183:; + _loop182:; } // ( ... )+ } } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) { - synPredMatched184 = false; + synPredMatched183 = false; } - rewind(_m184); + rewind(_m183); inputState->guessing--; } - if ( synPredMatched184 ) { + if ( synPredMatched183 ) { { { // ( ... )+ - int _cnt187=0; + int _cnt186=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mDIGIT(false); } else { - if ( _cnt187>=1 ) { goto _loop187; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt186>=1 ) { goto _loop186; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt187++; + _cnt186++; } - _loop187:; + _loop186:; } // ( ... )+ match('.' /* charlit */ ); { // ( ... )+ - int _cnt189=0; + int _cnt188=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mDIGIT(false); } else { - if ( _cnt189>=1 ) { goto _loop189; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt188>=1 ) { goto _loop188; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt189++; + _cnt188++; } - _loop189:; + _loop188:; } // ( ... )+ } if ( inputState->guessing==0 ) { -#line 1050 "pf.g" +#line 1061 "pf.g" _ttype = NUMBER; #line 861 "PFCfgLexer.cpp" } } else { - bool synPredMatched208 = false; + bool synPredMatched207 = false; if (((LA(1) == 0x3a /* ':' */ ) && (LA(2) == 0x3a /* ':' */ ) && ((LA(3) >= 0x30 /* '0' */ && LA(3) <= 0x39 /* '9' */ )))) { - int _m208 = mark(); - synPredMatched208 = true; + int _m207 = mark(); + synPredMatched207 = true; inputState->guessing++; try { { @@ -874,12 +874,12 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { } } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) { - synPredMatched208 = false; + synPredMatched207 = false; } - rewind(_m208); + rewind(_m207); inputState->guessing--; } - if ( synPredMatched208 ) { + if ( synPredMatched207 ) { match(':' /* charlit */ ); match(':' /* charlit */ ); mNUM_HEX_4DIGIT(false); @@ -890,23 +890,23 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { mNUM_HEX_4DIGIT(false); } else { - goto _loop210; + goto _loop209; } } - _loop210:; + _loop209:; } // ( ... )* if ( inputState->guessing==0 ) { -#line 1073 "pf.g" +#line 1084 "pf.g" _ttype = IPV6; #line 903 "PFCfgLexer.cpp" } } else { - bool synPredMatched193 = false; + bool synPredMatched192 = false; if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && ((LA(2) >= 0x61 /* 'a' */ && LA(2) <= 0x66 /* 'f' */ )))) { - int _m193 = mark(); - synPredMatched193 = true; + int _m192 = mark(); + synPredMatched192 = true; inputState->guessing++; try { { @@ -915,60 +915,60 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { } } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) { - synPredMatched193 = false; + synPredMatched192 = false; } - rewind(_m193); + rewind(_m192); inputState->guessing--; } - if ( synPredMatched193 ) { + if ( synPredMatched192 ) { { - bool synPredMatched198 = false; + bool synPredMatched197 = false; if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && ((LA(2) >= 0x61 /* 'a' */ && LA(2) <= 0x66 /* 'f' */ )) && ((LA(3) >= 0x30 /* '0' */ && LA(3) <= 0x3a /* ':' */ )))) { - int _m198 = mark(); - synPredMatched198 = true; + int _m197 = mark(); + synPredMatched197 = true; inputState->guessing++; try { { { // ( ... )+ - int _cnt197=0; + int _cnt196=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mNUM_HEX_4DIGIT(false); match(':' /* charlit */ ); } else { - if ( _cnt197>=1 ) { goto _loop197; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt196>=1 ) { goto _loop196; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt197++; + _cnt196++; } - _loop197:; + _loop196:; } // ( ... )+ match(':' /* charlit */ ); } } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) { - synPredMatched198 = false; + synPredMatched197 = false; } - rewind(_m198); + rewind(_m197); inputState->guessing--; } - if ( synPredMatched198 ) { + if ( synPredMatched197 ) { { { // ( ... )+ - int _cnt201=0; + int _cnt200=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mNUM_HEX_4DIGIT(false); match(':' /* charlit */ ); } else { - if ( _cnt201>=1 ) { goto _loop201; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt200>=1 ) { goto _loop200; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt201++; + _cnt200++; } - _loop201:; + _loop200:; } // ( ... )+ match(':' /* charlit */ ); { @@ -981,11 +981,11 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { mNUM_HEX_4DIGIT(false); } else { - goto _loop204; + goto _loop203; } } - _loop204:; + _loop203:; } // ( ... )* } else { @@ -994,7 +994,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { } } if ( inputState->guessing==0 ) { -#line 1064 "pf.g" +#line 1075 "pf.g" _ttype = IPV6; #line 1000 "PFCfgLexer.cpp" } @@ -1002,22 +1002,22 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { else if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && ((LA(2) >= 0x61 /* 'a' */ && LA(2) <= 0x66 /* 'f' */ )) && ((LA(3) >= 0x30 /* '0' */ && LA(3) <= 0x3a /* ':' */ ))) { mNUM_HEX_4DIGIT(false); { // ( ... )+ - int _cnt206=0; + int _cnt205=0; for (;;) { if ((LA(1) == 0x3a /* ':' */ )) { match(':' /* charlit */ ); mNUM_HEX_4DIGIT(false); } else { - if ( _cnt206>=1 ) { goto _loop206; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt205>=1 ) { goto _loop205; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt206++; + _cnt205++; } - _loop206:; + _loop205:; } // ( ... )+ if ( inputState->guessing==0 ) { -#line 1067 "pf.g" +#line 1078 "pf.g" _ttype = IPV6; #line 1023 "PFCfgLexer.cpp" } @@ -1028,7 +1028,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { } if ( inputState->guessing==0 ) { -#line 1069 "pf.g" +#line 1080 "pf.g" _ttype = IPV6; #line 1034 "PFCfgLexer.cpp" } @@ -1037,28 +1037,28 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { match(':' /* charlit */ ); match(':' /* charlit */ ); if ( inputState->guessing==0 ) { -#line 1076 "pf.g" +#line 1087 "pf.g" _ttype = IPV6; #line 1043 "PFCfgLexer.cpp" } } else if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (true) && (true)) { { // ( ... )+ - int _cnt191=0; + int _cnt190=0; for (;;) { if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) { mDIGIT(false); } else { - if ( _cnt191>=1 ) { goto _loop191; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} + if ( _cnt190>=1 ) { goto _loop190; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());} } - _cnt191++; + _cnt190++; } - _loop191:; + _loop190:; } // ( ... )+ if ( inputState->guessing==0 ) { -#line 1055 "pf.g" +#line 1066 "pf.g" _ttype = INT_CONST; #line 1064 "PFCfgLexer.cpp" } @@ -1066,7 +1066,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { else if ((LA(1) == 0x3a /* ':' */ ) && (true)) { match(':' /* charlit */ ); if ( inputState->guessing==0 ) { -#line 1079 "pf.g" +#line 1090 "pf.g" _ttype = COLON; #line 1072 "PFCfgLexer.cpp" } @@ -1279,14 +1279,14 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) { } default: { - goto _loop213; + goto _loop212; } } } - _loop213:; + _loop212:; } // ( ... )* if ( inputState->guessing==0 ) { -#line 1091 "pf.g" +#line 1102 "pf.g" _ttype = WORD; #line 1292 "PFCfgLexer.cpp" } @@ -1316,11 +1316,11 @@ void PFCfgLexer::mSTRING(bool _createToken) { matchNot('\"' /* charlit */ ); } else { - goto _loop216; + goto _loop215; } } - _loop216:; + _loop215:; } // ( ... )* match('\"' /* charlit */ ); if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) { diff --git a/src/parsers/PFCfgLexer.hpp b/src/parsers/PFCfgLexer.hpp index 719eaf729..884935613 100644 --- a/src/parsers/PFCfgLexer.hpp +++ b/src/parsers/PFCfgLexer.hpp @@ -9,7 +9,7 @@ #line 11 "PFCfgLexer.hpp" #include -/* $ANTLR 2.7.7 (20090306): "pf.g" -> "PFCfgLexer.hpp"$ */ +/* $ANTLR 2.7.7 (20100319): "pf.g" -> "PFCfgLexer.hpp"$ */ #include #include #include diff --git a/src/parsers/PFCfgParser.cpp b/src/parsers/PFCfgParser.cpp index 5304ae4f8..bebadf05a 100644 --- a/src/parsers/PFCfgParser.cpp +++ b/src/parsers/PFCfgParser.cpp @@ -1,4 +1,4 @@ -/* $ANTLR 2.7.7 (20090306): "pf.g" -> "PFCfgParser.cpp"$ */ +/* $ANTLR 2.7.7 (20100319): "pf.g" -> "PFCfgParser.cpp"$ */ #line 42 "pf.g" // gets inserted before the antlr generated includes in the cpp @@ -362,9 +362,10 @@ void PFCfgParser::table_command() { match(STRING); #line 230 "pf.g" - importer->newAddressTableObject(name->getText(), file->getText()); + importer->newAddressTableObject( + name->getText(), file->getText()); -#line 368 "PFCfgParser.cpp" +#line 369 "PFCfgParser.cpp" break; } case OPENING_BRACE: @@ -404,11 +405,12 @@ void PFCfgParser::table_command() { _loop18:; } // ( ... )* match(CLOSING_BRACE); -#line 241 "pf.g" +#line 242 "pf.g" - importer->newAddressTableObject(name->getText(), importer->tmp_group); + importer->newAddressTableObject( + name->getText(), importer->tmp_group); -#line 412 "PFCfgParser.cpp" +#line 414 "PFCfgParser.cpp" break; } default: @@ -429,7 +431,7 @@ void PFCfgParser::nat_command() { try { // for error handling match(NAT); -#line 277 "pf.g" +#line 287 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); @@ -437,7 +439,7 @@ void PFCfgParser::nat_command() { QString("Warning: import of 'nat' commands has not been implemented yet.")); consumeUntil(NEWLINE); -#line 441 "PFCfgParser.cpp" +#line 443 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -450,7 +452,7 @@ void PFCfgParser::rdr_command() { try { // for error handling match(RDR); -#line 299 "pf.g" +#line 309 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); @@ -458,7 +460,7 @@ void PFCfgParser::rdr_command() { QString("Warning: import of 'rdr' commands has not been implemented yet.")); consumeUntil(NEWLINE); -#line 462 "PFCfgParser.cpp" +#line 464 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -471,7 +473,7 @@ void PFCfgParser::binat_command() { try { // for error handling match(BINAT); -#line 288 "pf.g" +#line 298 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); @@ -479,7 +481,7 @@ void PFCfgParser::binat_command() { QString("Error: import of 'binat' commands is not supported.")); consumeUntil(NEWLINE); -#line 483 "PFCfgParser.cpp" +#line 485 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -492,7 +494,7 @@ void PFCfgParser::pass_command() { try { // for error handling match(PASS); -#line 333 "pf.g" +#line 343 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); @@ -500,14 +502,14 @@ void PFCfgParser::pass_command() { importer->action = "pass"; *dbg << LT(1)->getLine() << ":" << " pass "; -#line 504 "PFCfgParser.cpp" +#line 506 "PFCfgParser.cpp" rule_extended(); match(NEWLINE); -#line 341 "pf.g" +#line 351 "pf.g" importer->pushRule(); -#line 511 "PFCfgParser.cpp" +#line 513 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -520,7 +522,7 @@ void PFCfgParser::block_command() { try { // for error handling match(BLOCK); -#line 347 "pf.g" +#line 357 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); @@ -528,14 +530,14 @@ void PFCfgParser::block_command() { importer->action = "block"; *dbg << LT(1)->getLine() << ":" << " block "; -#line 532 "PFCfgParser.cpp" +#line 534 "PFCfgParser.cpp" rule_extended(); match(NEWLINE); -#line 355 "pf.g" +#line 365 "pf.g" importer->pushRule(); -#line 539 "PFCfgParser.cpp" +#line 541 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -548,7 +550,7 @@ void PFCfgParser::timeout_command() { try { // for error handling match(TIMEOUT); -#line 310 "pf.g" +#line 320 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); @@ -556,7 +558,7 @@ void PFCfgParser::timeout_command() { QString("Warning: import of 'timeout' commands has not been implemented yet.")); consumeUntil(NEWLINE); -#line 560 "PFCfgParser.cpp" +#line 562 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -569,13 +571,13 @@ void PFCfgParser::unknown_command() { try { // for error handling match(WORD); -#line 322 "pf.g" +#line 332 "pf.g" importer->clear(); importer->setCurrentLineNumber(LT(0)->getLine()); consumeUntil(NEWLINE); -#line 579 "PFCfgParser.cpp" +#line 581 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -585,9 +587,9 @@ void PFCfgParser::unknown_command() { void PFCfgParser::tableaddr_spec() { Tracer traceInOut(this, "tableaddr_spec"); -#line 247 "pf.g" +#line 249 "pf.g" AddressSpec as; -#line 591 "PFCfgParser.cpp" +#line 593 "PFCfgParser.cpp" try { // for error handling { @@ -595,9 +597,9 @@ void PFCfgParser::tableaddr_spec() { case EXLAMATION: { match(EXLAMATION); -#line 248 "pf.g" +#line 250 "pf.g" as.neg = true; -#line 601 "PFCfgParser.cpp" +#line 603 "PFCfgParser.cpp" break; } case WORD: @@ -617,38 +619,44 @@ void PFCfgParser::tableaddr_spec() { case WORD: { match(WORD); -#line 250 "pf.g" - as.at = AddressSpec::INTERFACE_NAME; as.address = LT(0)->getText(); -#line 623 "PFCfgParser.cpp" +#line 253 "pf.g" + + as.at = AddressSpec::INTERFACE_NAME; + as.address = LT(0)->getText(); + +#line 628 "PFCfgParser.cpp" break; } case SELF: { match(SELF); -#line 252 "pf.g" - as.at = AddressSpec::SPECIAL_ADDRESS; as.address = "self"; -#line 631 "PFCfgParser.cpp" +#line 259 "pf.g" + + as.at = AddressSpec::SPECIAL_ADDRESS; + as.address = "self"; + +#line 639 "PFCfgParser.cpp" break; } case IPV4: { match(IPV4); -#line 255 "pf.g" +#line 265 "pf.g" as.at = AddressSpec::HOST_ADDRESS; as.address = LT(0)->getText(); -#line 642 "PFCfgParser.cpp" +#line 650 "PFCfgParser.cpp" { switch ( LA(1)) { case SLASH: { match(SLASH); -#line 261 "pf.g" +#line 271 "pf.g" as.at = AddressSpec::NETWORK_ADDRESS; -#line 652 "PFCfgParser.cpp" +#line 660 "PFCfgParser.cpp" { switch ( LA(1)) { case IPV4: @@ -667,11 +675,11 @@ void PFCfgParser::tableaddr_spec() { } } } -#line 265 "pf.g" +#line 275 "pf.g" as.netmask = LT(0)->getText(); -#line 675 "PFCfgParser.cpp" +#line 683 "PFCfgParser.cpp" break; } case WORD: @@ -697,11 +705,11 @@ void PFCfgParser::tableaddr_spec() { } } } -#line 270 "pf.g" +#line 280 "pf.g" importer->tmp_group.push_back(as); -#line 705 "PFCfgParser.cpp" +#line 713 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1030,11 +1038,11 @@ void PFCfgParser::direction() { } } } -#line 373 "pf.g" +#line 383 "pf.g" importer->direction = LT(0)->getText(); -#line 1038 "PFCfgParser.cpp" +#line 1046 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1085,11 +1093,11 @@ void PFCfgParser::logging() { } } } -#line 380 "pf.g" +#line 390 "pf.g" importer->logging = true; -#line 1093 "PFCfgParser.cpp" +#line 1101 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1102,11 +1110,11 @@ void PFCfgParser::quick() { try { // for error handling match(QUICK); -#line 402 "pf.g" +#line 412 "pf.g" importer->quick = true; -#line 1110 "PFCfgParser.cpp" +#line 1118 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1185,11 +1193,11 @@ void PFCfgParser::address_family() { case INET6: { match(INET6); -#line 432 "pf.g" +#line 442 "pf.g" importer->address_family = LT(0)->getText(); -#line 1193 "PFCfgParser.cpp" +#line 1201 "PFCfgParser.cpp" break; } default: @@ -1225,14 +1233,14 @@ void PFCfgParser::hosts() { case ALL: { match(ALL); -#line 475 "pf.g" +#line 485 "pf.g" importer->src_group.push_back( AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0")); importer->dst_group.push_back( AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0")); -#line 1236 "PFCfgParser.cpp" +#line 1244 "PFCfgParser.cpp" break; } case NEWLINE: @@ -1359,11 +1367,11 @@ void PFCfgParser::filteropts() { filteropt(); } else { - goto _loop107; + goto _loop106; } } - _loop107:; + _loop106:; } // ( ... )* } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { @@ -1382,9 +1390,9 @@ void PFCfgParser::logopts() { for (;;) { if ((LA(1) == COMMA)) { match(COMMA); -#line 389 "pf.g" +#line 399 "pf.g" importer->logopts += ","; -#line 1388 "PFCfgParser.cpp" +#line 1396 "PFCfgParser.cpp" logopt(); } else { @@ -1421,11 +1429,11 @@ void PFCfgParser::logopt() { { match(TO); match(WORD); -#line 396 "pf.g" +#line 406 "pf.g" importer->logopts += LT(0)->getText(); -#line 1429 "PFCfgParser.cpp" +#line 1437 "PFCfgParser.cpp" break; } default: @@ -1442,9 +1450,9 @@ void PFCfgParser::logopt() { void PFCfgParser::ifspec() { Tracer traceInOut(this, "ifspec"); -#line 410 "pf.g" +#line 420 "pf.g" InterfaceSpec is; -#line 1448 "PFCfgParser.cpp" +#line 1456 "PFCfgParser.cpp" try { // for error handling { @@ -1452,9 +1460,9 @@ void PFCfgParser::ifspec() { case EXLAMATION: { match(EXLAMATION); -#line 411 "pf.g" +#line 421 "pf.g" is.neg = true; -#line 1458 "PFCfgParser.cpp" +#line 1466 "PFCfgParser.cpp" break; } case WORD: @@ -1468,13 +1476,13 @@ void PFCfgParser::ifspec() { } } match(WORD); -#line 413 "pf.g" +#line 423 "pf.g" is.name = LT(0)->getText(); importer->iface_group.push_back(is); importer->newInterface(is.name); -#line 1478 "PFCfgParser.cpp" +#line 1486 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1667,11 +1675,11 @@ void PFCfgParser::proto_name() { } } } -#line 452 "pf.g" +#line 462 "pf.g" importer->proto_list.push_back(LT(0)->getText()); -#line 1675 "PFCfgParser.cpp" +#line 1683 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1684,11 +1692,11 @@ void PFCfgParser::proto_number() { try { // for error handling match(INT_CONST); -#line 458 "pf.g" +#line 468 "pf.g" importer->proto_list.push_back(LT(0)->getText()); -#line 1692 "PFCfgParser.cpp" +#line 1700 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1935,13 +1943,13 @@ void PFCfgParser::src_hosts_part() { case URPF_FAILED: { match(URPF_FAILED); -#line 498 "pf.g" +#line 508 "pf.g" importer->tmp_group.push_back( AddressSpec(AddressSpec::SPECIAL_ADDRESS, false, "urpf-failed", "")); -#line 1945 "PFCfgParser.cpp" +#line 1953 "PFCfgParser.cpp" break; } default: @@ -1950,13 +1958,13 @@ void PFCfgParser::src_hosts_part() { } } } -#line 504 "pf.g" +#line 514 "pf.g" importer->src_neg = importer->tmp_neg; importer->src_group.splice(importer->src_group.begin(), importer->tmp_group); -#line 1960 "PFCfgParser.cpp" +#line 1968 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -1992,12 +2000,12 @@ void PFCfgParser::src_port_part() { } } } -#line 789 "pf.g" +#line 800 "pf.g" importer->src_port_group.splice(importer->src_port_group.begin(), importer->tmp_port_group); -#line 2001 "PFCfgParser.cpp" +#line 2009 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2010,13 +2018,13 @@ void PFCfgParser::dst_hosts_part() { try { // for error handling common_hosts_part(); -#line 513 "pf.g" +#line 523 "pf.g" importer->dst_neg = importer->tmp_neg; importer->dst_group.splice(importer->dst_group.begin(), importer->tmp_group); -#line 2020 "PFCfgParser.cpp" +#line 2028 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2052,12 +2060,12 @@ void PFCfgParser::dst_port_part() { } } } -#line 797 "pf.g" +#line 808 "pf.g" importer->dst_port_group.splice(importer->dst_port_group.begin(), importer->tmp_port_group); -#line 2061 "PFCfgParser.cpp" +#line 2069 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2073,39 +2081,29 @@ void PFCfgParser::common_hosts_part() { case ANY: { match(ANY); -#line 522 "pf.g" +#line 532 "pf.g" importer->tmp_group.push_back( AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0")); -#line 2082 "PFCfgParser.cpp" - break; - } - case SELF: - { - match(SELF); -#line 528 "pf.g" - - importer->tmp_group.push_back( - AddressSpec(AddressSpec::SPECIAL_ADDRESS, false, "self", "")); - -#line 2093 "PFCfgParser.cpp" +#line 2090 "PFCfgParser.cpp" break; } case NO_ROUTE: { match(NO_ROUTE); -#line 534 "pf.g" +#line 538 "pf.g" importer->tmp_group.push_back( AddressSpec(AddressSpec::SPECIAL_ADDRESS, false, "no-route", "")); -#line 2104 "PFCfgParser.cpp" +#line 2101 "PFCfgParser.cpp" break; } case WORD: case LESS_THAN: case EXLAMATION: + case SELF: case IPV4: case IPV6: { @@ -2131,11 +2129,10 @@ void PFCfgParser::common_hosts_part() { void PFCfgParser::host() { Tracer traceInOut(this, "host"); - ANTLR_USE_NAMESPACE(antlr)RefToken h = ANTLR_USE_NAMESPACE(antlr)nullToken; - ANTLR_USE_NAMESPACE(antlr)RefToken v6 = ANTLR_USE_NAMESPACE(antlr)nullToken; - ANTLR_USE_NAMESPACE(antlr)RefToken nm = ANTLR_USE_NAMESPACE(antlr)nullToken; - ANTLR_USE_NAMESPACE(antlr)RefToken nm6 = ANTLR_USE_NAMESPACE(antlr)nullToken; ANTLR_USE_NAMESPACE(antlr)RefToken tn = ANTLR_USE_NAMESPACE(antlr)nullToken; +#line 548 "pf.g" + AddressSpec as; +#line 2136 "PFCfgParser.cpp" try { // for error handling { @@ -2143,15 +2140,14 @@ void PFCfgParser::host() { case EXLAMATION: { match(EXLAMATION); -#line 547 "pf.g" - - importer->tmp_neg = true; - -#line 2151 "PFCfgParser.cpp" +#line 549 "pf.g" + as.neg = true; +#line 2146 "PFCfgParser.cpp" break; } case WORD: case LESS_THAN: + case SELF: case IPV4: case IPV6: { @@ -2165,45 +2161,69 @@ void PFCfgParser::host() { } { switch ( LA(1)) { - case IPV4: + case WORD: + { + match(WORD); +#line 552 "pf.g" + + // interface name or domain/host name + as.at = AddressSpec::INTERFACE_NAME; + as.address = LT(0)->getText(); + +#line 2174 "PFCfgParser.cpp" + break; + } + case SELF: + { + match(SELF); +#line 559 "pf.g" + + as.at = AddressSpec::SPECIAL_ADDRESS; + as.address = "self"; + +#line 2185 "PFCfgParser.cpp" + break; + } case IPV6: { - { - switch ( LA(1)) { - case IPV4: - { - h = LT(1); - match(IPV4); - break; - } - case IPV6: - { - v6 = LT(1); - match(IPV6); - break; - } - default: - { - throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename()); - } - } - } + match(IPV6); +#line 565 "pf.g" + + importer->addMessageToLog( + QString("Error: IPv6 import is not supported. ")); + consumeUntil(NEWLINE); + +#line 2197 "PFCfgParser.cpp" + break; + } + case IPV4: + { + match(IPV4); +#line 572 "pf.g" + + as.at = AddressSpec::HOST_ADDRESS; + as.address = LT(0)->getText(); + +#line 2208 "PFCfgParser.cpp" { switch ( LA(1)) { case SLASH: { match(SLASH); +#line 578 "pf.g" + + as.at = AddressSpec::NETWORK_ADDRESS; + +#line 2218 "PFCfgParser.cpp" { switch ( LA(1)) { case IPV4: { - nm = LT(1); match(IPV4); break; } case INT_CONST: { - nm6 = LT(1); match(INT_CONST); break; } @@ -2213,6 +2233,11 @@ void PFCfgParser::host() { } } } +#line 582 "pf.g" + + as.netmask = LT(0)->getText(); + +#line 2241 "PFCfgParser.cpp" break; } case NEWLINE: @@ -2240,38 +2265,6 @@ void PFCfgParser::host() { } } } -#line 553 "pf.g" - - if (v6) - { - importer->addMessageToLog( - QString("Error: IPv6 import is not supported. ")); - consumeUntil(NEWLINE); - } else - { - std::string addr = "0.0.0.0"; - std::string netm = "255.255.255.255"; - if (h) addr = h->getText(); - if (nm) netm = nm->getText(); - importer->tmp_group.push_back( - AddressSpec(AddressSpec::NETWORK_ADDRESS, false, - addr, netm)); - } - -#line 2262 "PFCfgParser.cpp" - break; - } - case WORD: - { - match(WORD); -#line 572 "pf.g" - - // This should be an interface name - importer->tmp_group.push_back( - AddressSpec(AddressSpec::INTERFACE_NAME, false, - LT(0)->getText(), "")); - -#line 2275 "PFCfgParser.cpp" break; } case LESS_THAN: @@ -2280,12 +2273,12 @@ void PFCfgParser::host() { tn = LT(1); match(WORD); match(GREATER_THAN); -#line 580 "pf.g" +#line 588 "pf.g" - importer->tmp_group.push_back( - AddressSpec(AddressSpec::TABLE, false, tn->getText(), "")); + as.at = AddressSpec::TABLE; + as.address = tn->getText(); -#line 2289 "PFCfgParser.cpp" +#line 2282 "PFCfgParser.cpp" break; } default: @@ -2294,6 +2287,11 @@ void PFCfgParser::host() { } } } +#line 593 "pf.g" + + importer->tmp_group.push_back(as); + +#line 2295 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2314,11 +2312,11 @@ void PFCfgParser::host_list() { host(); } else { - goto _loop90; + goto _loop89; } } - _loop90:; + _loop89:; } // ( ... )* match(CLOSING_BRACE); } @@ -2351,11 +2349,11 @@ void PFCfgParser::route_to() { } } } -#line 604 "pf.g" +#line 615 "pf.g" importer->route_type = PFImporter::ROUTE_TO; -#line 2359 "PFCfgParser.cpp" +#line 2357 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2386,11 +2384,11 @@ void PFCfgParser::reply_to() { } } } -#line 611 "pf.g" +#line 622 "pf.g" importer->route_type = PFImporter::REPLY_TO; -#line 2394 "PFCfgParser.cpp" +#line 2392 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2404,16 +2402,16 @@ void PFCfgParser::routehost() { ANTLR_USE_NAMESPACE(antlr)RefToken v6 = ANTLR_USE_NAMESPACE(antlr)nullToken; ANTLR_USE_NAMESPACE(antlr)RefToken nm = ANTLR_USE_NAMESPACE(antlr)nullToken; ANTLR_USE_NAMESPACE(antlr)RefToken nm6 = ANTLR_USE_NAMESPACE(antlr)nullToken; -#line 616 "pf.g" +#line 627 "pf.g" RouteSpec rs; -#line 2410 "PFCfgParser.cpp" +#line 2408 "PFCfgParser.cpp" try { // for error handling match(OPENING_PAREN); match(WORD); -#line 618 "pf.g" +#line 629 "pf.g" rs.iface = LT(0)->getText(); -#line 2417 "PFCfgParser.cpp" +#line 2415 "PFCfgParser.cpp" { switch ( LA(1)) { case IPV4: @@ -2471,7 +2469,7 @@ void PFCfgParser::routehost() { } } } -#line 620 "pf.g" +#line 631 "pf.g" if (v6) { @@ -2485,7 +2483,7 @@ void PFCfgParser::routehost() { importer->route_group.push_back(rs); } -#line 2489 "PFCfgParser.cpp" +#line 2487 "PFCfgParser.cpp" match(CLOSING_PAREN); } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { @@ -2523,11 +2521,11 @@ void PFCfgParser::routehost_list() { routehost(); } else { - goto _loop103; + goto _loop102; } } - _loop103:; + _loop102:; } // ( ... )* match(CLOSING_BRACE); } @@ -2609,12 +2607,12 @@ void PFCfgParser::tcp_flags() { case ANY: { match(ANY); -#line 677 "pf.g" +#line 688 "pf.g" importer->flags_check = "any"; importer->flags_mask = "all"; -#line 2618 "PFCfgParser.cpp" +#line 2616 "PFCfgParser.cpp" break; } case WORD: @@ -2669,7 +2667,7 @@ void PFCfgParser::tcp_flags() { } } } -#line 683 "pf.g" +#line 694 "pf.g" if (check) importer->flags_check = check->getText(); @@ -2680,7 +2678,7 @@ void PFCfgParser::tcp_flags() { else importer->flags_mask = "all"; -#line 2684 "PFCfgParser.cpp" +#line 2682 "PFCfgParser.cpp" break; } default: @@ -2732,13 +2730,13 @@ void PFCfgParser::icmp6_type() { try { // for error handling match(ICMP6_TYPE); -#line 729 "pf.g" +#line 740 "pf.g" importer->addMessageToLog( QString("Error: ICMP6 import is not supported. ")); consumeUntil(NEWLINE); -#line 2742 "PFCfgParser.cpp" +#line 2740 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2752,11 +2750,11 @@ void PFCfgParser::tagged() { try { // for error handling match(TAGGED); match(WORD); -#line 738 "pf.g" +#line 749 "pf.g" importer->tagged = LT(0)->getText(); -#line 2760 "PFCfgParser.cpp" +#line 2758 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2770,11 +2768,11 @@ void PFCfgParser::tag_clause() { try { // for error handling match(TAG); match(WORD); -#line 745 "pf.g" +#line 756 "pf.g" importer->tag = LT(0)->getText(); -#line 2778 "PFCfgParser.cpp" +#line 2776 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -2814,11 +2812,11 @@ void PFCfgParser::state() { } } } -#line 760 "pf.g" +#line 771 "pf.g" importer->state_op = LT(0)->getText(); -#line 2822 "PFCfgParser.cpp" +#line 2820 "PFCfgParser.cpp" match(STATE); } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { @@ -2837,36 +2835,36 @@ void PFCfgParser::queue() { case WORD: { match(WORD); -#line 769 "pf.g" +#line 780 "pf.g" importer->queue += LT(0)->getText(); -#line 2843 "PFCfgParser.cpp" +#line 2841 "PFCfgParser.cpp" break; } case OPENING_PAREN: { match(OPENING_PAREN); match(WORD); -#line 772 "pf.g" +#line 783 "pf.g" importer->queue += LT(0)->getText(); -#line 2852 "PFCfgParser.cpp" +#line 2850 "PFCfgParser.cpp" { // ( ... )* for (;;) { if ((LA(1) == COMMA)) { match(COMMA); -#line 774 "pf.g" +#line 785 "pf.g" importer->queue += ","; -#line 2859 "PFCfgParser.cpp" +#line 2857 "PFCfgParser.cpp" match(WORD); -#line 775 "pf.g" +#line 786 "pf.g" importer->queue += LT(0)->getText(); -#line 2863 "PFCfgParser.cpp" +#line 2861 "PFCfgParser.cpp" } else { - goto _loop131; + goto _loop130; } } - _loop131:; + _loop130:; } // ( ... )* match(CLOSING_PAREN); break; @@ -2899,9 +2897,9 @@ void PFCfgParser::label() { void PFCfgParser::icmp_type_code() { Tracer traceInOut(this, "icmp_type_code"); -#line 705 "pf.g" +#line 716 "pf.g" std::string icmp_type, icmp_code; -#line 2905 "PFCfgParser.cpp" +#line 2903 "PFCfgParser.cpp" try { // for error handling { @@ -2922,9 +2920,9 @@ void PFCfgParser::icmp_type_code() { } } } -#line 706 "pf.g" +#line 717 "pf.g" icmp_type = LT(0)->getText(); -#line 2928 "PFCfgParser.cpp" +#line 2926 "PFCfgParser.cpp" { switch ( LA(1)) { case ICMP_CODE: @@ -2948,9 +2946,9 @@ void PFCfgParser::icmp_type_code() { } } } -#line 708 "pf.g" +#line 719 "pf.g" icmp_code = LT(0)->getText(); -#line 2954 "PFCfgParser.cpp" +#line 2952 "PFCfgParser.cpp" break; } case NEWLINE: @@ -2978,12 +2976,12 @@ void PFCfgParser::icmp_type_code() { } } } -#line 710 "pf.g" +#line 721 "pf.g" importer->icmp_type_code_group.push_back( str_tuple(icmp_type, icmp_code)); -#line 2987 "PFCfgParser.cpp" +#line 2985 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -3021,11 +3019,11 @@ void PFCfgParser::icmp_list() { icmp_type_code(); } else { - goto _loop122; + goto _loop121; } } - _loop122:; + _loop121:; } // ( ... )* match(CLOSING_BRACE); } @@ -3037,9 +3035,9 @@ void PFCfgParser::icmp_list() { void PFCfgParser::port_op() { Tracer traceInOut(this, "port_op"); -#line 829 "pf.g" +#line 840 "pf.g" PortSpec ps; -#line 3043 "PFCfgParser.cpp" +#line 3041 "PFCfgParser.cpp" try { // for error handling { @@ -3050,39 +3048,39 @@ void PFCfgParser::port_op() { case EXLAMATION: { unary_port_op(); -#line 831 "pf.g" +#line 842 "pf.g" ps.port_op = importer->tmp_port_op; -#line 3056 "PFCfgParser.cpp" +#line 3054 "PFCfgParser.cpp" port_def(); -#line 833 "pf.g" +#line 844 "pf.g" ps.port1 = importer->tmp_port_def; ps.port2 = importer->tmp_port_def; -#line 3063 "PFCfgParser.cpp" +#line 3061 "PFCfgParser.cpp" break; } case WORD: case INT_CONST: { port_def(); -#line 839 "pf.g" +#line 850 "pf.g" ps.port1 = importer->tmp_port_def; ps.port2 = ps.port1; ps.port_op = "="; -#line 3076 "PFCfgParser.cpp" +#line 3074 "PFCfgParser.cpp" { if ((LA(1) == LESS_THAN || LA(1) == GREATER_THAN || LA(1) == COLON) && (_tokenSet_27.member(LA(2)))) { binary_port_op(); -#line 845 "pf.g" +#line 856 "pf.g" ps.port_op = importer->tmp_port_op; -#line 3082 "PFCfgParser.cpp" +#line 3080 "PFCfgParser.cpp" port_def(); -#line 846 "pf.g" +#line 857 "pf.g" ps.port2 = LT(0)->getText(); -#line 3086 "PFCfgParser.cpp" +#line 3084 "PFCfgParser.cpp" } else if ((_tokenSet_28.member(LA(1))) && (_tokenSet_29.member(LA(2)))) { } @@ -3099,11 +3097,11 @@ void PFCfgParser::port_op() { } } } -#line 849 "pf.g" +#line 860 "pf.g" importer->tmp_port_group.push_back(ps); -#line 3107 "PFCfgParser.cpp" +#line 3105 "PFCfgParser.cpp" } catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) { reportError(ex); @@ -3145,11 +3143,11 @@ void PFCfgParser::port_op_list() { port_op(); } else { - goto _loop148; + goto _loop147; } } - _loop148:; + _loop147:; } // ( ... )* match(CLOSING_BRACE); } @@ -3168,46 +3166,46 @@ void PFCfgParser::unary_port_op() { case EQUAL: { match(EQUAL); -#line 805 "pf.g" +#line 816 "pf.g" importer->tmp_port_op = "="; -#line 3174 "PFCfgParser.cpp" +#line 3172 "PFCfgParser.cpp" break; } case EXLAMATION: { match(EXLAMATION); match(EQUAL); -#line 807 "pf.g" +#line 818 "pf.g" importer->tmp_port_op = "!="; -#line 3183 "PFCfgParser.cpp" +#line 3181 "PFCfgParser.cpp" break; } default: if ((LA(1) == LESS_THAN) && (LA(2) == WORD || LA(2) == INT_CONST)) { match(LESS_THAN); -#line 809 "pf.g" +#line 820 "pf.g" importer->tmp_port_op = "<"; -#line 3191 "PFCfgParser.cpp" +#line 3189 "PFCfgParser.cpp" } else if ((LA(1) == LESS_THAN) && (LA(2) == EQUAL)) { match(LESS_THAN); match(EQUAL); -#line 811 "pf.g" +#line 822 "pf.g" importer->tmp_port_op = "<="; -#line 3198 "PFCfgParser.cpp" +#line 3196 "PFCfgParser.cpp" } else if ((LA(1) == GREATER_THAN) && (LA(2) == WORD || LA(2) == INT_CONST)) { match(GREATER_THAN); -#line 813 "pf.g" +#line 824 "pf.g" importer->tmp_port_op = ">"; -#line 3204 "PFCfgParser.cpp" +#line 3202 "PFCfgParser.cpp" } else if ((LA(1) == GREATER_THAN) && (LA(2) == EQUAL)) { match(GREATER_THAN); match(EQUAL); -#line 815 "pf.g" +#line 826 "pf.g" importer->tmp_port_op = ">="; -#line 3211 "PFCfgParser.cpp" +#line 3209 "PFCfgParser.cpp" } else { throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename()); @@ -3231,26 +3229,26 @@ void PFCfgParser::binary_port_op() { { match(LESS_THAN); match(GREATER_THAN); -#line 821 "pf.g" +#line 832 "pf.g" importer->tmp_port_op = "<>"; -#line 3237 "PFCfgParser.cpp" +#line 3235 "PFCfgParser.cpp" break; } case GREATER_THAN: { match(GREATER_THAN); match(LESS_THAN); -#line 823 "pf.g" +#line 834 "pf.g" importer->tmp_port_op = "><"; -#line 3246 "PFCfgParser.cpp" +#line 3244 "PFCfgParser.cpp" break; } case COLON: { match(COLON); -#line 825 "pf.g" +#line 836 "pf.g" importer->tmp_port_op = ":"; -#line 3254 "PFCfgParser.cpp" +#line 3252 "PFCfgParser.cpp" break; } default: @@ -3279,11 +3277,11 @@ void PFCfgParser::port_def() { case INT_CONST: { match(INT_CONST); -#line 856 "pf.g" +#line 867 "pf.g" importer->tmp_port_def = LT(0)->getText(); -#line 3287 "PFCfgParser.cpp" +#line 3285 "PFCfgParser.cpp" break; } default: diff --git a/src/parsers/PFCfgParser.hpp b/src/parsers/PFCfgParser.hpp index 5b6aca760..a3ac5a9f6 100644 --- a/src/parsers/PFCfgParser.hpp +++ b/src/parsers/PFCfgParser.hpp @@ -9,7 +9,7 @@ #line 11 "PFCfgParser.hpp" #include -/* $ANTLR 2.7.7 (20090306): "pf.g" -> "PFCfgParser.hpp"$ */ +/* $ANTLR 2.7.7 (20100319): "pf.g" -> "PFCfgParser.hpp"$ */ #include #include #include "PFCfgParserTokenTypes.hpp" diff --git a/src/parsers/PFCfgParserTokenTypes.hpp b/src/parsers/PFCfgParserTokenTypes.hpp index d94fb5eac..16d857454 100644 --- a/src/parsers/PFCfgParserTokenTypes.hpp +++ b/src/parsers/PFCfgParserTokenTypes.hpp @@ -1,7 +1,7 @@ #ifndef INC_PFCfgParserTokenTypes_hpp_ #define INC_PFCfgParserTokenTypes_hpp_ -/* $ANTLR 2.7.7 (20090306): "pf.g" -> "PFCfgParserTokenTypes.hpp"$ */ +/* $ANTLR 2.7.7 (20100319): "pf.g" -> "PFCfgParserTokenTypes.hpp"$ */ #ifndef CUSTOM_API # define CUSTOM_API diff --git a/src/parsers/PFCfgParserTokenTypes.txt b/src/parsers/PFCfgParserTokenTypes.txt index 827205a38..df88656b6 100644 --- a/src/parsers/PFCfgParserTokenTypes.txt +++ b/src/parsers/PFCfgParserTokenTypes.txt @@ -1,4 +1,4 @@ -// $ANTLR 2.7.7 (20090306): pf.g -> PFCfgParserTokenTypes.txt$ +// $ANTLR 2.7.7 (20100319): pf.g -> PFCfgParserTokenTypes.txt$ PFCfgParser // output token vocab name NEWLINE=4 LINE_COMMENT=5 diff --git a/src/parsers/pf.g b/src/parsers/pf.g index 85ec8f114..eee2d6de8 100644 --- a/src/parsers/pf.g +++ b/src/parsers/pf.g @@ -228,7 +228,8 @@ table_command : ( FILE file:STRING { - importer->newAddressTableObject(name->getText(), file->getText()); + importer->newAddressTableObject( + name->getText(), file->getText()); } | OPENING_BRACE @@ -239,7 +240,8 @@ table_command : )* CLOSING_BRACE { - importer->newAddressTableObject(name->getText(), importer->tmp_group); + importer->newAddressTableObject( + name->getText(), importer->tmp_group); } ) ; @@ -247,9 +249,17 @@ table_command : tableaddr_spec { AddressSpec as; } : ( EXLAMATION { as.neg = true; } )? ( - WORD { as.at = AddressSpec::INTERFACE_NAME; as.address = LT(0)->getText(); } + WORD + { + as.at = AddressSpec::INTERFACE_NAME; + as.address = LT(0)->getText(); + } | - SELF { as.at = AddressSpec::SPECIAL_ADDRESS; as.address = "self"; } + SELF + { + as.at = AddressSpec::SPECIAL_ADDRESS; + as.address = "self"; + } | IPV4 { @@ -523,12 +533,6 @@ common_hosts_part : importer->tmp_group.push_back( AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0")); } - | - SELF - { - importer->tmp_group.push_back( - AddressSpec(AddressSpec::SPECIAL_ADDRESS, false, "self", "")); - } | NO_ROUTE { @@ -541,47 +545,54 @@ common_hosts_part : host_list ; -host : +host { AddressSpec as; } : + ( EXLAMATION { as.neg = true; } )? ( - EXLAMATION - { - importer->tmp_neg = true; - } - )? - ( - (h:IPV4 | v6:IPV6) (SLASH (nm:IPV4 | nm6:INT_CONST))? - { - if (v6) - { - importer->addMessageToLog( - QString("Error: IPv6 import is not supported. ")); - consumeUntil(NEWLINE); - } else - { - std::string addr = "0.0.0.0"; - std::string netm = "255.255.255.255"; - if (h) addr = h->getText(); - if (nm) netm = nm->getText(); - importer->tmp_group.push_back( - AddressSpec(AddressSpec::NETWORK_ADDRESS, false, - addr, netm)); - } - } - | WORD { - // This should be an interface name - importer->tmp_group.push_back( - AddressSpec(AddressSpec::INTERFACE_NAME, false, - LT(0)->getText(), "")); + // interface name or domain/host name + as.at = AddressSpec::INTERFACE_NAME; + as.address = LT(0)->getText(); } + | + SELF + { + as.at = AddressSpec::SPECIAL_ADDRESS; + as.address = "self"; + } + | + IPV6 + { + importer->addMessageToLog( + QString("Error: IPv6 import is not supported. ")); + consumeUntil(NEWLINE); + } + | + IPV4 + { + as.at = AddressSpec::HOST_ADDRESS; + as.address = LT(0)->getText(); + } + ( + SLASH + { + as.at = AddressSpec::NETWORK_ADDRESS; + } + ( IPV4 | INT_CONST ) + { + as.netmask = LT(0)->getText(); + } + )? | LESS_THAN tn:WORD GREATER_THAN { - importer->tmp_group.push_back( - AddressSpec(AddressSpec::TABLE, false, tn->getText(), "")); + as.at = AddressSpec::TABLE; + as.address = tn->getText(); } ) + { + importer->tmp_group.push_back(as); + } ; host_list : diff --git a/test/pf/pf_cluster_4_rc.conf.local b/test/pf/pf_cluster_4_rc.conf.local index 7885d0da5..2be73ee54 100755 --- a/test/pf/pf_cluster_4_rc.conf.local +++ b/test/pf/pf_cluster_4_rc.conf.local @@ -1,9 +1,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_pf v4.3.0.3542 +# Firewall Builder fwb_pf v4.3.0.3546 # -# Generated Sat May 14 15:46:00 2011 PDT by vadim +# Generated Thu May 26 12:05:36 2011 PDT by vadim # # files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local # files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf