onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 01:37:17 +01:00
Code Issues Releases Wiki Activity

see #87 tested parser on pix6, pix7 and asa8 configs, making sure it parses different interface configurations correctly

Browse Source
This commit is contained in:
Vadim Kurland 2011-02-25 20:40:04 -08:00
parent dfb9983a7c
commit 59562d852c
8 changed files with 368 additions and 324 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/ChangeLog
View File

@ -1,3 +1,13 @@
2011-02-25 vadim <vadim@netcitadel.com>
* parsers/pix.g (intf_address): see #87 "Import of PIX
configuration". Basic grammar that can parse host name, version,
interfaces, their names, labels, addresses, security levels and
few other things for PIX 6, 7 and ASA 8. PIX standby configuration
is not parsed (so we can't import cluster configuration at this
time). More work needs to be done to import named objects, object
groups, as well as policy and nat rules.
2011-02-24 Vadim Kurland <vadim@netcitadel.com>
* FirewallInstaller.cpp (getGeneratedFileName): see #2047 "Inspect

17
src/libgui/PIXImporterRun.cpp
View File

@ -81,7 +81,22 @@ void PIXImporter::run()
if (haveFirewallObject())
{
if (countInterfaces()==0) err << noInterfacesErrorMessage();
if (countRules()==0) err << noRulesErrorMessage();
// if (countRules()==0) err << noRulesErrorMessage();
if (countRules()==0)
{
// temporary error message, replace with the standard one when
// done
err << QObject::tr(
"\n\n"
"Import of PIX and ASA policy and NAT rules is not "
"implemented yet but is planned for fwbuilder v4.2.0 release. "
"Please watch nightly builds on "
"http://www.fwbuilder.org/nightly_builds/fwbuilder-4.2/current_build/ "
"if you are interested in this feature."
"\n\n"
);
}
} else
{
err << parser_err;

253
src/parsers/PIXCfgLexer.cpp
View File

@ -47,19 +47,20 @@ PIXCfgLexer::PIXCfgLexer(const ANTLR_USE_NAMESPACE(antlr)LexerSharedInputState&
void PIXCfgLexer::initLiterals()
{
literals["host"] = 28;
literals["setroute"] = 46;
literals["setroute"] = 54;
literals["log"] = 31;
literals["access-list"] = 16;
literals["interface"] = 37;
literals["standby"] = 53;
literals["remark"] = 42;
literals["certificate"] = 9;
literals["exit"] = 51;
literals["exit"] = 49;
literals["udp"] = 22;
literals["tcp"] = 21;
literals["controller"] = 36;
literals["eq"] = 23;
literals["ip"] = 5;
literals["access-group"] = 50;
literals["access-group"] = 48;
literals["time-range"] = 35;
literals["community-list"] = 7;
literals["icmp"] = 20;
@ -67,16 +68,16 @@ void PIXCfgLexer::initLiterals()
literals["Version"] = 12;
literals["nameif"] = 40;
literals["security-level"] = 39;
literals["secondary"] = 47;
literals["access"] = 49;
literals["secondary"] = 52;
literals["access"] = 47;
literals["lt"] = 25;
literals["range"] = 27;
literals["switchport"] = 48;
literals["switchport"] = 46;
literals["log-input"] = 32;
literals["standard"] = 55;
literals["standard"] = 56;
literals["gt"] = 24;
literals["permit"] = 18;
literals["extended"] = 54;
literals["extended"] = 55;
literals["address"] = 44;
literals["established"] = 33;
literals["dhcp"] = 45;
@ -406,11 +407,11 @@ void PIXCfgLexer::mLINE_COMMENT(bool _createToken) {
}
}
else {
goto _loop89;
goto _loop87;
}
}
_loop89:;
_loop87:;
} // ( ... )*
mNEWLINE(false);
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
@ -442,9 +443,9 @@ void PIXCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 763 "pix.g"
#line 778 "pix.g"
newline();
#line 448 "PIXCfgLexer.cpp"
#line 449 "PIXCfgLexer.cpp"
}
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
_token = makeToken(_ttype);
@ -468,11 +469,11 @@ void PIXCfgLexer::mCOLON_COMMENT(bool _createToken) {
}
}
else {
goto _loop93;
goto _loop91;
}
}
_loop93:;
_loop91:;
} // ( ... )*
mNEWLINE(false);
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
@ -566,9 +567,9 @@ void PIXCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 758 "pix.g"
#line 773 "pix.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 572 "PIXCfgLexer.cpp"
#line 573 "PIXCfgLexer.cpp"
}
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
_token = makeToken(_ttype);
@ -680,14 +681,29 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
ANTLR_USE_NAMESPACE(std)string::size_type _saveIndex;
{
bool synPredMatched112 = false;
bool synPredMatched110 = false;
if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (_tokenSet_2.member(LA(2))) && (_tokenSet_2.member(LA(3))) && (_tokenSet_2.member(LA(4))) && (_tokenSet_2.member(LA(5))) && (_tokenSet_2.member(LA(6))) && (_tokenSet_2.member(LA(7))) && (true) && (true) && (true))) {
int _m112 = mark();
synPredMatched112 = true;
int _m110 = mark();
synPredMatched110 = true;
inputState->guessing++;
try {
{
{ // ( ... )+
int _cnt105=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt105>=1 ) { goto _loop105; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt105++;
}
_loop105:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt107=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
@ -716,32 +732,32 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
}
_loop109:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt111=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt111>=1 ) { goto _loop111; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt111++;
}
_loop111:;
} // ( ... )+
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched112 = false;
synPredMatched110 = false;
}
rewind(_m112);
rewind(_m110);
inputState->guessing--;
}
if ( synPredMatched112 ) {
if ( synPredMatched110 ) {
{
{ // ( ... )+
int _cnt113=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt113>=1 ) { goto _loop113; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt113++;
}
_loop113:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt115=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
@ -785,37 +801,37 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
}
_loop119:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt121=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt121>=1 ) { goto _loop121; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt121++;
}
_loop121:;
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 783 "pix.g"
#line 798 "pix.g"
_ttype = IPV4;
#line 808 "PIXCfgLexer.cpp"
#line 809 "PIXCfgLexer.cpp"
}
}
else {
bool synPredMatched127 = false;
bool synPredMatched125 = false;
if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (_tokenSet_2.member(LA(2))) && (_tokenSet_2.member(LA(3))) && (true) && (true) && (true) && (true) && (true) && (true) && (true))) {
int _m127 = mark();
synPredMatched127 = true;
int _m125 = mark();
synPredMatched125 = true;
inputState->guessing++;
try {
{
{ // ( ... )+
int _cnt122=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt122>=1 ) { goto _loop122; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt122++;
}
_loop122:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt124=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
@ -829,32 +845,32 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
}
_loop124:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt126=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt126>=1 ) { goto _loop126; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt126++;
}
_loop126:;
} // ( ... )+
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched127 = false;
synPredMatched125 = false;
}
rewind(_m127);
rewind(_m125);
inputState->guessing--;
}
if ( synPredMatched127 ) {
if ( synPredMatched125 ) {
{
{ // ( ... )+
int _cnt128=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt128>=1 ) { goto _loop128; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt128++;
}
_loop128:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt130=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
@ -868,7 +884,34 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
}
_loop130:;
} // ( ... )+
mDOT(false);
}
}
else if ((LA(1) == 0x30 /* '0' */ ) && (LA(2) == 0x78 /* 'x' */ )) {
{
match('0' /* charlit */ );
match('x' /* charlit */ );
{ // ( ... )+
int _cnt135=0;
for (;;) {
if ((_tokenSet_3.member(LA(1)))) {
mHEXDIGIT(false);
}
else {
if ( _cnt135>=1 ) { goto _loop135; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt135++;
}
_loop135:;
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 804 "pix.g"
_ttype = HEX_CONST;
#line 912 "PIXCfgLexer.cpp"
}
}
else if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (true) && (true) && (true) && (true) && (true) && (true) && (true) && (true) && (true)) {
{ // ( ... )+
int _cnt132=0;
for (;;) {
@ -883,52 +926,10 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
}
_loop132:;
} // ( ... )+
}
}
else if ((LA(1) == 0x30 /* '0' */ ) && (LA(2) == 0x78 /* 'x' */ )) {
{
match('0' /* charlit */ );
match('x' /* charlit */ );
{ // ( ... )+
int _cnt137=0;
for (;;) {
if ((_tokenSet_3.member(LA(1)))) {
mHEXDIGIT(false);
}
else {
if ( _cnt137>=1 ) { goto _loop137; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt137++;
}
_loop137:;
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 789 "pix.g"
_ttype = HEX_CONST;
#line 911 "PIXCfgLexer.cpp"
}
}
else if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (true) && (true) && (true) && (true) && (true) && (true) && (true) && (true) && (true)) {
{ // ( ... )+
int _cnt134=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt134>=1 ) { goto _loop134; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt134++;
}
_loop134:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 787 "pix.g"
#line 802 "pix.g"
_ttype = INT_CONST;
#line 932 "PIXCfgLexer.cpp"
#line 933 "PIXCfgLexer.cpp"
}
}
else {
@ -1189,11 +1190,11 @@ void PIXCfgLexer::mWORD(bool _createToken) {
}
default:
{
goto _loop141;
goto _loop139;
}
}
}
_loop141:;
_loop139:;
} // ( ... )*
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
_token = makeToken(_ttype);
@ -1215,11 +1216,11 @@ void PIXCfgLexer::mSTRING(bool _createToken) {
matchNot('\"' /* charlit */ );
}
else {
goto _loop144;
goto _loop142;
}
}
_loop144:;
_loop142:;
} // ( ... )*
match('\"' /* charlit */ );
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
@ -1589,7 +1590,7 @@ const unsigned long PIXCfgLexer::_tokenSet_1_data_[] = { 4294958072UL, 429496729
// 0x3 0x4 0x5 0x6 0x7 0x8 0x9 0xb 0xc 0xe 0xf 0x10 0x11 0x12 0x13 0x14
// 0x15 0x16 0x17 0x18 0x19 0x1a 0x1b 0x1c 0x1d 0x1e 0x1f ! \" # $ %
// & \' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G
// H I J K L M N O P Q R S T U V W
// H I J K L M N O P Q R S T U V W X
const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgLexer::_tokenSet_1(_tokenSet_1_data_,16);
const unsigned long PIXCfgLexer::_tokenSet_2_data_[] = { 0UL, 67059712UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
// . 0 1 2 3 4 5 6 7 8 9
@ -1601,6 +1602,6 @@ const unsigned long PIXCfgLexer::_tokenSet_4_data_[] = { 4294967288UL, 429496729
// 0x3 0x4 0x5 0x6 0x7 0x8 0x9 0xa 0xb 0xc 0xd 0xe 0xf 0x10 0x11 0x12 0x13
// 0x14 0x15 0x16 0x17 0x18 0x19 0x1a 0x1b 0x1c 0x1d 0x1e 0x1f ! # $
// % & \' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F
// G H I J K L M N O P Q R S T U V W
// G H I J K L M N O P Q R S T U V W X
const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgLexer::_tokenSet_4(_tokenSet_4_data_,16);

189
src/parsers/PIXCfgParser.cpp
View File

@ -1864,7 +1864,7 @@ void PIXCfgParser::switchport() {
vlan_num = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 620 "pix.g"
#line 634 "pix.g"
#line 1871 "PIXCfgParser.cpp"
@ -1882,54 +1882,18 @@ void PIXCfgParser::switchport() {
void PIXCfgParser::v6_ip_address() {
Tracer traceInOut(this, "v6_ip_address");
ANTLR_USE_NAMESPACE(antlr)RefToken lbl = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken dhcp = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken a = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken m = ANTLR_USE_NAMESPACE(antlr)nullToken;
try { // for error handling
lbl = LT(1);
match(WORD);
{
switch ( LA(1)) {
case DHCP:
{
dhcp = LT(1);
match(DHCP);
break;
if ((LA(1) == WORD) && (LA(2) == DHCP)) {
v6_dhcp_address();
}
case IPV4:
{
{
a = LT(1);
match(IPV4);
m = LT(1);
match(IPV4);
}
break;
else if ((LA(1) == WORD) && (LA(2) == IPV4)) {
v6_static_address();
}
default:
{
else {
throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename());
}
}
}
if ( inputState->guessing==0 ) {
#line 576 "pix.g"
std::string label = lbl->getText();
std::string addr;
if (a) addr = a->getText();
if (dhcp) addr = dhcp->getText();
std::string netm;
if (m) netm = m->getText();
importer->addInterfaceAddress(label, addr, netm);
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << "/" << netm << std::endl;
#line 1931 "PIXCfgParser.cpp"
}
match(NEWLINE);
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
if( inputState->guessing == 0 ) {
@ -1972,6 +1936,79 @@ void PIXCfgParser::v7_ip_address() {
}
}
void PIXCfgParser::v6_dhcp_address() {
Tracer traceInOut(this, "v6_dhcp_address");
ANTLR_USE_NAMESPACE(antlr)RefToken lbl = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken dhcp = ANTLR_USE_NAMESPACE(antlr)nullToken;
try { // for error handling
lbl = LT(1);
match(WORD);
dhcp = LT(1);
match(DHCP);
if ( inputState->guessing==0 ) {
#line 578 "pix.g"
std::string label = lbl->getText();
std::string addr = dhcp->getText();
importer->addInterfaceAddress(label, addr, "");
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << std::endl;
// there can be some other parameters after "dhcp", such as "setroute", "retry" etc.
// which we do not support
consumeUntil(NEWLINE);
#line 1962 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
if( inputState->guessing == 0 ) {
reportError(ex);
recover(ex,_tokenSet_2);
} else {
throw;
}
}
}
void PIXCfgParser::v6_static_address() {
Tracer traceInOut(this, "v6_static_address");
ANTLR_USE_NAMESPACE(antlr)RefToken lbl = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken a = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken m = ANTLR_USE_NAMESPACE(antlr)nullToken;
try { // for error handling
lbl = LT(1);
match(WORD);
a = LT(1);
match(IPV4);
m = LT(1);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 591 "pix.g"
std::string label = lbl->getText();
std::string addr = a->getText();
std::string netm = m->getText();
importer->addInterfaceAddress(label, addr, netm);
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << "/" << netm << std::endl;
// in case there are some other parameters after address and netmask
consumeUntil(NEWLINE);
#line 2000 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
if( inputState->guessing == 0 ) {
reportError(ex);
recover(ex,_tokenSet_2);
} else {
throw;
}
}
}
void PIXCfgParser::v7_dhcp_address() {
Tracer traceInOut(this, "v7_dhcp_address");
ANTLR_USE_NAMESPACE(antlr)RefToken dhcp = ANTLR_USE_NAMESPACE(antlr)nullToken;
@ -1979,34 +2016,17 @@ void PIXCfgParser::v7_dhcp_address() {
try { // for error handling
dhcp = LT(1);
match(DHCP);
{
switch ( LA(1)) {
case SETROUTE:
{
match(SETROUTE);
break;
}
case NEWLINE:
{
break;
}
default:
{
throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename());
}
}
}
if ( inputState->guessing==0 ) {
#line 593 "pix.g"
#line 608 "pix.g"
std::string addr = dhcp->getText();
importer->addInterfaceAddress(addr, "");
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << std::endl;
consumeUntil(NEWLINE);
#line 2008 "PIXCfgParser.cpp"
#line 2029 "PIXCfgParser.cpp"
}
match(NEWLINE);
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
if( inputState->guessing == 0 ) {
@ -2022,48 +2042,26 @@ void PIXCfgParser::v7_static_address() {
Tracer traceInOut(this, "v7_static_address");
ANTLR_USE_NAMESPACE(antlr)RefToken a = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken m = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken s = ANTLR_USE_NAMESPACE(antlr)nullToken;
try { // for error handling
a = LT(1);
match(IPV4);
m = LT(1);
match(IPV4);
{
switch ( LA(1)) {
case SECONDARY:
{
s = LT(1);
match(SECONDARY);
break;
}
case NEWLINE:
{
break;
}
default:
{
throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename());
}
}
}
if ( inputState->guessing==0 ) {
#line 603 "pix.g"
#line 619 "pix.g"
std::string addr = a->getText();
std::string netm = m->getText();
importer->addInterfaceAddress(addr, netm);
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << "/" << netm << std::endl;
if (s)
{
*dbg << s->getText();
}
*dbg << std::endl;
// there can be other parameters after address/netmask pair, such as "standby"
// We do not parse them yet.
consumeUntil(NEWLINE);
#line 2065 "PIXCfgParser.cpp"
#line 2064 "PIXCfgParser.cpp"
}
match(NEWLINE);
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
if( inputState->guessing == 0 ) {
@ -2091,7 +2089,7 @@ void PIXCfgParser::access_group_by_name() {
intf_label = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 627 "pix.g"
#line 641 "pix.g"
importer->setInterfaceAndDirectionForRuleSet(
acln->getText(),
@ -2102,7 +2100,7 @@ void PIXCfgParser::access_group_by_name() {
<< " " << intf_label->getText()
<< " " << dir->getText() << std::endl;
#line 2106 "PIXCfgParser.cpp"
#line 2104 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2165,14 +2163,15 @@ const char* PIXCfgParser::tokenNames[] = {
"\"shutdown\"",
"\"address\"",
"\"dhcp\"",
"\"setroute\"",
"\"secondary\"",
"\"switchport\"",
"\"access\"",
"\"access-group\"",
"\"exit\"",
"LINE_COMMENT",
"COLON_COMMENT",
"\"secondary\"",
"\"standby\"",
"\"setroute\"",
"\"extended\"",
"\"standard\"",
"Whitespace",
@ -2213,7 +2212,7 @@ const char* PIXCfgParser::tokenNames[] = {
const unsigned long PIXCfgParser::_tokenSet_0_data_[] = { 2UL, 0UL, 0UL, 0UL };
// EOF
const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_0(_tokenSet_0_data_,4);
const unsigned long PIXCfgParser::_tokenSet_1_data_[] = { 85874UL, 3673072UL, 0UL, 0UL };
const unsigned long PIXCfgParser::_tokenSet_1_data_[] = { 85874UL, 920560UL, 0UL, 0UL };
// EOF NEWLINE "ip" "quit" WORD "certificate" "PIX" "ASA" "hostname" "access-list"
// "controller" "interface" "vlan" "security-level" "nameif" "description"
// "shutdown" "exit" LINE_COMMENT COLON_COMMENT

6
src/parsers/PIXCfgParser.hpp
View File

@ -105,6 +105,8 @@ public:
public: void switchport();
public: void v6_ip_address();
public: void v7_ip_address();
public: void v6_dhcp_address();
public: void v6_static_address();
public: void v7_dhcp_address();
public: void v7_static_address();
public: void access_group_by_name();
@ -119,10 +121,10 @@ protected:
private:
static const char* tokenNames[];
#ifndef NO_STATIC_CONSTS
static const int NUM_TOKENS = 88;
static const int NUM_TOKENS = 89;
#else
enum {
NUM_TOKENS = 88
NUM_TOKENS = 89
};
#endif

85
src/parsers/PIXCfgParserTokenTypes.hpp
View File

@ -54,48 +54,49 @@ struct CUSTOM_API PIXCfgParserTokenTypes {
SHUTDOWN = 43,
ADDRESS = 44,
DHCP = 45,
SETROUTE = 46,
SECONDARY = 47,
SWITCHPORT = 48,
ACCESS = 49,
ACCESS_GROUP = 50,
EXIT = 51,
LINE_COMMENT = 52,
COLON_COMMENT = 53,
EXTENDED = 54,
STANDARD = 55,
Whitespace = 56,
HEX_CONST = 57,
NEG_INT_CONST = 58,
DIGIT = 59,
HEXDIGIT = 60,
PIPE_CHAR = 61,
NUMBER_SIGN = 62,
PERCENT = 63,
AMPERSAND = 64,
APOSTROPHE = 65,
OPENING_PAREN = 66,
CLOSING_PAREN = 67,
STAR = 68,
PLUS = 69,
COMMA = 70,
MINUS = 71,
DOT = 72,
SLASH = 73,
COLON = 74,
SEMICOLON = 75,
LESS_THAN = 76,
EQUALS = 77,
GREATER_THAN = 78,
QUESTION = 79,
COMMERCIAL_AT = 80,
OPENING_SQUARE = 81,
CLOSING_SQUARE = 82,
CARET = 83,
UNDERLINE = 84,
OPENING_BRACE = 85,
CLOSING_BRACE = 86,
TILDE = 87,
SWITCHPORT = 46,
ACCESS = 47,
ACCESS_GROUP = 48,
EXIT = 49,
LINE_COMMENT = 50,
COLON_COMMENT = 51,
SECONDARY = 52,
STANDBY = 53,
SETROUTE = 54,
EXTENDED = 55,
STANDARD = 56,
Whitespace = 57,
HEX_CONST = 58,
NEG_INT_CONST = 59,
DIGIT = 60,
HEXDIGIT = 61,
PIPE_CHAR = 62,
NUMBER_SIGN = 63,
PERCENT = 64,
AMPERSAND = 65,
APOSTROPHE = 66,
OPENING_PAREN = 67,
CLOSING_PAREN = 68,
STAR = 69,
PLUS = 70,
COMMA = 71,
MINUS = 72,
DOT = 73,
SLASH = 74,
COLON = 75,
SEMICOLON = 76,
LESS_THAN = 77,
EQUALS = 78,
GREATER_THAN = 79,
QUESTION = 80,
COMMERCIAL_AT = 81,
OPENING_SQUARE = 82,
CLOSING_SQUARE = 83,
CARET = 84,
UNDERLINE = 85,
OPENING_BRACE = 86,
CLOSING_BRACE = 87,
TILDE = 88,
NULL_TREE_LOOKAHEAD = 3
};
#ifdef __cplusplus

85
src/parsers/PIXCfgParserTokenTypes.txt
View File

@ -42,45 +42,46 @@ REMARK="remark"=42
SHUTDOWN="shutdown"=43
ADDRESS="address"=44
DHCP="dhcp"=45
SETROUTE="setroute"=46
SECONDARY="secondary"=47
SWITCHPORT="switchport"=48
ACCESS="access"=49
ACCESS_GROUP="access-group"=50
EXIT="exit"=51
LINE_COMMENT=52
COLON_COMMENT=53
EXTENDED="extended"=54
STANDARD="standard"=55
Whitespace=56
HEX_CONST=57
NEG_INT_CONST=58
DIGIT=59
HEXDIGIT=60
PIPE_CHAR=61
NUMBER_SIGN=62
PERCENT=63
AMPERSAND=64
APOSTROPHE=65
OPENING_PAREN=66
CLOSING_PAREN=67
STAR=68
PLUS=69
COMMA=70
MINUS=71
DOT=72
SLASH=73
COLON=74
SEMICOLON=75
LESS_THAN=76
EQUALS=77
GREATER_THAN=78
QUESTION=79
COMMERCIAL_AT=80
OPENING_SQUARE=81
CLOSING_SQUARE=82
CARET=83
UNDERLINE=84
OPENING_BRACE=85
CLOSING_BRACE=86
TILDE=87
SWITCHPORT="switchport"=46
ACCESS="access"=47
ACCESS_GROUP="access-group"=48
EXIT="exit"=49
LINE_COMMENT=50
COLON_COMMENT=51
SECONDARY="secondary"=52
STANDBY="standby"=53
SETROUTE="setroute"=54
EXTENDED="extended"=55
STANDARD="standard"=56
Whitespace=57
HEX_CONST=58
NEG_INT_CONST=59
DIGIT=60
HEXDIGIT=61
PIPE_CHAR=62
NUMBER_SIGN=63
PERCENT=64
AMPERSAND=65
APOSTROPHE=66
OPENING_PAREN=67
CLOSING_PAREN=68
STAR=69
PLUS=70
COMMA=71
MINUS=72
DOT=73
SLASH=74
COLON=75
SEMICOLON=76
LESS_THAN=77
EQUALS=78
GREATER_THAN=79
QUESTION=80
COMMERCIAL_AT=81
OPENING_SQUARE=82
CLOSING_SQUARE=83
CARET=84
UNDERLINE=85
OPENING_BRACE=86
CLOSING_BRACE=87
TILDE=88

47
src/parsers/pix.g
View File

@ -572,47 +572,61 @@ interface_known_commands :
intf_address : ADDRESS (v6_ip_address | v7_ip_address) ;
v6_ip_address : lbl:WORD (dhcp:DHCP | (a:IPV4 m:IPV4))
v6_ip_address : v6_dhcp_address | v6_static_address;
v6_dhcp_address : lbl:WORD dhcp:DHCP
{
std::string label = lbl->getText();
std::string addr;
if (a) addr = a->getText();
if (dhcp) addr = dhcp->getText();
std::string netm;
if (m) netm = m->getText();
std::string addr = dhcp->getText();
importer->addInterfaceAddress(label, addr, "");
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << std::endl;
// there can be some other parameters after "dhcp", such as "setroute", "retry" etc.
// which we do not support
consumeUntil(NEWLINE);
}
;
v6_static_address : lbl:WORD a:IPV4 m:IPV4
{
std::string label = lbl->getText();
std::string addr = a->getText();
std::string netm = m->getText();
importer->addInterfaceAddress(label, addr, netm);
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << "/" << netm << std::endl;
// in case there are some other parameters after address and netmask
consumeUntil(NEWLINE);
}
NEWLINE
;
v7_ip_address : v7_dhcp_address | v7_static_address;
v7_dhcp_address : dhcp:DHCP (SETROUTE) ?
v7_dhcp_address : dhcp:DHCP
{
std::string addr = dhcp->getText();
importer->addInterfaceAddress(addr, "");
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << std::endl;
consumeUntil(NEWLINE);
}
NEWLINE
// NEWLINE
;
v7_static_address : a:IPV4 m:IPV4 (s:SECONDARY)?
v7_static_address : a:IPV4 m:IPV4
{
std::string addr = a->getText();
std::string netm = m->getText();
importer->addInterfaceAddress(addr, netm);
*dbg << LT(1)->getLine() << ":"
<< " INTRFACE ADDRESS: " << addr << "/" << netm << std::endl;
if (s)
{
*dbg << s->getText();
}
*dbg << std::endl;
// there can be other parameters after address/netmask pair, such as "standby"
// We do not parse them yet.
consumeUntil(NEWLINE);
}
NEWLINE
// NEWLINE
;
@ -693,6 +707,7 @@ tokens
ADDRESS = "address";
SECONDARY = "secondary";
STANDBY = "standby";
COMMUNITY_LIST = "community-list";