mirror of
https://github.com/fwbuilder/fwbuilder
synced 2026-03-21 02:37:16 +01:00
see #2403 added test case file; fixed import of icmp services, added test case file; other fixes
This commit is contained in:
Vadim Kurland
parent
e89cc24466
commit
765060c29c
@ -106,8 +106,6 @@ class Importer
|
||||
|
||||
protected:
|
||||
|
||||
ObjectMakerErrorTracker *error_tracker;
|
||||
|
||||
AddressObjectMaker *address_maker;
|
||||
ServiceObjectMaker *service_maker;
|
||||
|
||||
@ -205,6 +203,8 @@ protected:
|
||||
|
||||
public:
|
||||
|
||||
ObjectMakerErrorTracker *error_tracker;
|
||||
|
||||
// making logger public so I can access it from the code in the grammar
|
||||
libfwbuilder::Logger *logger;
|
||||
|
||||
|
||||
@ -239,6 +239,8 @@ void PFImporter::addSrv()
|
||||
|
||||
re->addRef(
|
||||
commitObject(service_maker->createObject(sig)));
|
||||
|
||||
if (ps.port_op == "!=") re->setNeg(true);
|
||||
}
|
||||
|
||||
for (psi=dst_port_group.begin();
|
||||
@ -261,6 +263,8 @@ void PFImporter::addSrv()
|
||||
|
||||
re->addRef(
|
||||
commitObject(service_maker->createObject(sig)));
|
||||
|
||||
if (ps.port_op == "!=") re->setNeg(true);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -291,12 +295,13 @@ bool PFImporter::buildTCPUDPObjectSingature(ObjectSignature *sig,
|
||||
else
|
||||
sig->type_name = UDPService::TYPENAME;
|
||||
|
||||
bool range_inclusive = false;
|
||||
bool range_inclusive = true;
|
||||
QString port_op_cisco_style;
|
||||
|
||||
// map port operations from PF to Cisco-like
|
||||
|
||||
if (port_op == "=") port_op_cisco_style = "eq";
|
||||
if (port_op == "!=") port_op_cisco_style = "eq";
|
||||
if (port_op == "<=") port_op_cisco_style = "lt";
|
||||
if (port_op == ">=") port_op_cisco_style = "gt";
|
||||
|
||||
@ -326,8 +331,8 @@ bool PFImporter::buildTCPUDPObjectSingature(ObjectSignature *sig,
|
||||
|
||||
if (port_op == "<>")
|
||||
{
|
||||
addMessageToLog(
|
||||
QObject::tr("Error: 'except ranges' ('<>') for port numbers "
|
||||
error_tracker->registerError(
|
||||
QObject::tr("'except ranges' ('<>') for port numbers "
|
||||
"are not supported yet."));
|
||||
return false;
|
||||
}
|
||||
@ -364,8 +369,8 @@ void PFImporter::convertTcpFlags(QList<int> &flags_list,
|
||||
case 'F': flags_list << TCPService::FIN; break;
|
||||
case 'W':
|
||||
case 'E':
|
||||
addMessageToLog(
|
||||
QObject::tr("Error: TCP flag matches 'E' and 'W' "
|
||||
error_tracker->registerError(
|
||||
QObject::tr("TCP flag matches 'E' and 'W' "
|
||||
"are not supported."));
|
||||
}
|
||||
}
|
||||
@ -405,9 +410,8 @@ FWObject* PFImporter::makeAddressObj(AddressSpec &as)
|
||||
|
||||
if (as.at == AddressSpec::INTERFACE_BROADCAST)
|
||||
{
|
||||
addMessageToLog(
|
||||
QObject::tr("Error: import of '%1:broadcast' is not supported")
|
||||
.arg(as.address.c_str()));
|
||||
error_tracker->registerError(
|
||||
QString("import of 'interface:broadcast' is not supported."));
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -425,7 +429,7 @@ FWObject* PFImporter::makeAddressObj(AddressSpec &as)
|
||||
{
|
||||
if (as.address == "self") return getFirewallObject();
|
||||
{
|
||||
addMessageToLog(
|
||||
error_tracker->registerError(
|
||||
QObject::tr("Warning: matching '%1' is not supported")
|
||||
.arg(as.address.c_str()));
|
||||
return NULL;
|
||||
|
||||
@ -254,6 +254,34 @@ ObjectSignature::ObjectSignature(const ObjectSignature &other)
|
||||
icmp_names["address-mask-request"] = QPair<int,int>(17,0);
|
||||
icmp_names["address-mask-reply"] = QPair<int,int>(18,0);
|
||||
|
||||
// ICMP types defined in "man 4 icmp" on OpenBSD
|
||||
|
||||
icmp_names["echorep"] = QPair<int,int>(0,0);
|
||||
icmp_names["unreach"] = QPair<int,int>(3,0);
|
||||
icmp_names["squench"] = QPair<int,int>(4,0);
|
||||
icmp_names["redir"] = QPair<int,int>(5,0);
|
||||
icmp_names["althost"] = QPair<int,int>(6,0);
|
||||
icmp_names["echoreq"] = QPair<int,int>(8,0);
|
||||
icmp_names["routeradv"] = QPair<int,int>(9,0);
|
||||
icmp_names["routersol"] = QPair<int,int>(10,0);
|
||||
icmp_names["timex"] = QPair<int,int>(11,0);
|
||||
icmp_names["paramprob"] = QPair<int,int>(12,0);
|
||||
icmp_names["timereq"] = QPair<int,int>(13,0);
|
||||
icmp_names["timerep"] = QPair<int,int>(14,0);
|
||||
icmp_names["inforeq"] = QPair<int,int>(15,0);
|
||||
icmp_names["inforep"] = QPair<int,int>(16,0);
|
||||
icmp_names["maskreq"] = QPair<int,int>(17,0);
|
||||
icmp_names["maskrep"] = QPair<int,int>(18,0);
|
||||
icmp_names["trace"] = QPair<int,int>(30,0);
|
||||
icmp_names["dataconv"] = QPair<int,int>(31,0);
|
||||
icmp_names["mobredir"] = QPair<int,int>(32,0);
|
||||
icmp_names["ipv6-where"] = QPair<int,int>(33,0);
|
||||
icmp_names["ipv6-here"] = QPair<int,int>(34,0);
|
||||
icmp_names["mobregreq"] = QPair<int,int>(35,0);
|
||||
icmp_names["mobregrep"] = QPair<int,int>(36,0);
|
||||
icmp_names["skip"] = QPair<int,int>(39,0);
|
||||
icmp_names["photuris"] = QPair<int,int>(40,0);
|
||||
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -44,96 +44,96 @@ PFCfgLexer::PFCfgLexer(const ANTLR_USE_NAMESPACE(antlr)LexerSharedInputState& st
|
||||
|
||||
void PFCfgLexer::initLiterals()
|
||||
{
|
||||
literals["vrrp"] = 64;
|
||||
literals["vrrp"] = 65;
|
||||
literals["critical"] = 103;
|
||||
literals["ospf"] = 62;
|
||||
literals["rdp"] = 56;
|
||||
literals["ospf"] = 63;
|
||||
literals["rdp"] = 57;
|
||||
literals["disable"] = 110;
|
||||
literals["scrub"] = 12;
|
||||
literals["ipsec"] = 92;
|
||||
literals["inet"] = 48;
|
||||
literals["pcp"] = 94;
|
||||
literals["ipsec"] = 93;
|
||||
literals["inet"] = 49;
|
||||
literals["pcp"] = 95;
|
||||
literals["emergencies"] = 105;
|
||||
literals["debugging"] = 104;
|
||||
literals["persist"] = 16;
|
||||
literals["snp"] = 98;
|
||||
literals["timeout"] = 35;
|
||||
literals["to"] = 45;
|
||||
literals["flags"] = 74;
|
||||
literals["isis"] = 66;
|
||||
literals["icmp6-type"] = 77;
|
||||
literals["snp"] = 99;
|
||||
literals["timeout"] = 36;
|
||||
literals["to"] = 46;
|
||||
literals["flags"] = 75;
|
||||
literals["isis"] = 67;
|
||||
literals["icmp6-type"] = 78;
|
||||
literals["const"] = 17;
|
||||
literals["pptp"] = 96;
|
||||
literals["pass"] = 36;
|
||||
literals["no"] = 80;
|
||||
literals["from"] = 67;
|
||||
literals["igrp"] = 91;
|
||||
literals["pim"] = 95;
|
||||
literals["tagged"] = 78;
|
||||
literals["rsvp"] = 57;
|
||||
literals["route-to"] = 72;
|
||||
literals["nos"] = 93;
|
||||
literals["quit"] = 88;
|
||||
literals["pptp"] = 97;
|
||||
literals["pass"] = 37;
|
||||
literals["no"] = 81;
|
||||
literals["from"] = 68;
|
||||
literals["igrp"] = 92;
|
||||
literals["pim"] = 96;
|
||||
literals["tagged"] = 79;
|
||||
literals["rsvp"] = 58;
|
||||
literals["route-to"] = 73;
|
||||
literals["nos"] = 94;
|
||||
literals["quit"] = 89;
|
||||
literals["->"] = 112;
|
||||
literals["peer"] = 100;
|
||||
literals["icmp-type"] = 75;
|
||||
literals["exit"] = 87;
|
||||
literals["modulate"] = 82;
|
||||
literals["nat"] = 32;
|
||||
literals["peer"] = 28;
|
||||
literals["icmp-type"] = 76;
|
||||
literals["exit"] = 88;
|
||||
literals["modulate"] = 83;
|
||||
literals["nat"] = 33;
|
||||
literals["range"] = 101;
|
||||
literals["urpf-failed"] = 68;
|
||||
literals["out"] = 39;
|
||||
literals["urpf-failed"] = 69;
|
||||
literals["out"] = 40;
|
||||
literals["queue"] = 10;
|
||||
literals["gre"] = 58;
|
||||
literals["gre"] = 59;
|
||||
literals["set"] = 11;
|
||||
literals["warnings"] = 109;
|
||||
literals["ah"] = 60;
|
||||
literals["host"] = 99;
|
||||
literals["interface"] = 89;
|
||||
literals["rip"] = 97;
|
||||
literals["icmp6"] = 90;
|
||||
literals["ah"] = 61;
|
||||
literals["host"] = 100;
|
||||
literals["interface"] = 90;
|
||||
literals["rip"] = 98;
|
||||
literals["icmp6"] = 91;
|
||||
literals["broadcast"] = 27;
|
||||
literals["notifications"] = 108;
|
||||
literals["file"] = 19;
|
||||
literals["network"] = 26;
|
||||
literals["synproxy"] = 83;
|
||||
literals["synproxy"] = 84;
|
||||
literals["altq"] = 9;
|
||||
literals["any"] = 69;
|
||||
literals["esp"] = 59;
|
||||
literals["any"] = 70;
|
||||
literals["esp"] = 60;
|
||||
literals["alerts"] = 102;
|
||||
literals["all"] = 43;
|
||||
literals["inet6"] = 49;
|
||||
literals["all"] = 44;
|
||||
literals["inet6"] = 50;
|
||||
literals["inactive"] = 111;
|
||||
literals["label"] = 85;
|
||||
literals["no-route"] = 70;
|
||||
literals["udp"] = 55;
|
||||
literals["reply-to"] = 73;
|
||||
literals["tag"] = 79;
|
||||
literals["port"] = 86;
|
||||
literals["code"] = 76;
|
||||
literals["ip"] = 51;
|
||||
literals["label"] = 86;
|
||||
literals["no-route"] = 71;
|
||||
literals["udp"] = 56;
|
||||
literals["reply-to"] = 74;
|
||||
literals["tag"] = 80;
|
||||
literals["port"] = 87;
|
||||
literals["code"] = 77;
|
||||
literals["ip"] = 52;
|
||||
literals["table"] = 13;
|
||||
literals["eigrp"] = 61;
|
||||
literals["eigrp"] = 62;
|
||||
literals["errors"] = 106;
|
||||
literals["ipip"] = 63;
|
||||
literals["ipip"] = 64;
|
||||
literals["antispoof"] = 8;
|
||||
literals["binat"] = 33;
|
||||
literals["igmp"] = 53;
|
||||
literals["on"] = 47;
|
||||
literals["state"] = 84;
|
||||
literals["log"] = 40;
|
||||
literals["proto"] = 50;
|
||||
literals["rdr"] = 34;
|
||||
literals["binat"] = 34;
|
||||
literals["igmp"] = 54;
|
||||
literals["on"] = 48;
|
||||
literals["state"] = 85;
|
||||
literals["log"] = 41;
|
||||
literals["proto"] = 51;
|
||||
literals["rdr"] = 35;
|
||||
literals["informational"] = 107;
|
||||
literals["self"] = 28;
|
||||
literals["in"] = 38;
|
||||
literals["keep"] = 81;
|
||||
literals["block"] = 37;
|
||||
literals["l2tp"] = 65;
|
||||
literals["quick"] = 46;
|
||||
literals["user"] = 44;
|
||||
literals["icmp"] = 52;
|
||||
literals["tcp"] = 54;
|
||||
literals["self"] = 30;
|
||||
literals["in"] = 39;
|
||||
literals["keep"] = 82;
|
||||
literals["block"] = 38;
|
||||
literals["l2tp"] = 66;
|
||||
literals["quick"] = 47;
|
||||
literals["user"] = 45;
|
||||
literals["icmp"] = 53;
|
||||
literals["tcp"] = 55;
|
||||
}
|
||||
|
||||
ANTLR_USE_NAMESPACE(antlr)RefToken PFCfgLexer::nextToken()
|
||||
@ -477,7 +477,7 @@ void PFCfgLexer::mNEWLINE(bool _createToken) {
|
||||
|
||||
}
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1061 "pf.g"
|
||||
#line 1083 "pf.g"
|
||||
newline();
|
||||
#line 483 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -558,7 +558,7 @@ void PFCfgLexer::mWhitespace(bool _createToken) {
|
||||
}
|
||||
}
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1056 "pf.g"
|
||||
#line 1078 "pf.g"
|
||||
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
|
||||
#line 564 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -775,7 +775,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
mNUM_3DIGIT(false);
|
||||
}
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1098 "pf.g"
|
||||
#line 1120 "pf.g"
|
||||
_ttype = IPV4;
|
||||
#line 781 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -858,7 +858,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
} // ( ... )+
|
||||
}
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1101 "pf.g"
|
||||
#line 1123 "pf.g"
|
||||
_ttype = NUMBER;
|
||||
#line 864 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -900,7 +900,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
_loop214:;
|
||||
} // ( ... )*
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1124 "pf.g"
|
||||
#line 1146 "pf.g"
|
||||
_ttype = IPV6;
|
||||
#line 906 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -997,7 +997,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
}
|
||||
}
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1115 "pf.g"
|
||||
#line 1137 "pf.g"
|
||||
_ttype = IPV6;
|
||||
#line 1003 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -1020,7 +1020,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
_loop210:;
|
||||
} // ( ... )+
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1118 "pf.g"
|
||||
#line 1140 "pf.g"
|
||||
_ttype = IPV6;
|
||||
#line 1026 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -1031,7 +1031,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
|
||||
}
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1120 "pf.g"
|
||||
#line 1142 "pf.g"
|
||||
_ttype = IPV6;
|
||||
#line 1037 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -1040,7 +1040,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
match(':' /* charlit */ );
|
||||
match(':' /* charlit */ );
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1127 "pf.g"
|
||||
#line 1149 "pf.g"
|
||||
_ttype = IPV6;
|
||||
#line 1046 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -1061,7 +1061,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
_loop195:;
|
||||
} // ( ... )+
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1106 "pf.g"
|
||||
#line 1128 "pf.g"
|
||||
_ttype = INT_CONST;
|
||||
#line 1067 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -1069,7 +1069,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
else if ((LA(1) == 0x3a /* ':' */ ) && (true)) {
|
||||
match(':' /* charlit */ );
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1130 "pf.g"
|
||||
#line 1152 "pf.g"
|
||||
_ttype = COLON;
|
||||
#line 1075 "PFCfgLexer.cpp"
|
||||
}
|
||||
@ -1289,7 +1289,7 @@ void PFCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
|
||||
_loop217:;
|
||||
} // ( ... )*
|
||||
if ( inputState->guessing==0 ) {
|
||||
#line 1142 "pf.g"
|
||||
#line 1164 "pf.g"
|
||||
_ttype = WORD;
|
||||
#line 1295 "PFCfgLexer.cpp"
|
||||
}
|
||||
|
||||
@ -183,8 +183,8 @@ void PFCfgParser::altq_command() {
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
importer->addMessageToLog(
|
||||
QString("Error: import of 'altq' commands is not supported."));
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'altq' commands is not supported."));
|
||||
consumeUntil(NEWLINE);
|
||||
|
||||
#line 191 "PFCfgParser.cpp"
|
||||
@ -225,8 +225,8 @@ void PFCfgParser::queue_command() {
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
importer->addMessageToLog(
|
||||
QString("Error: import of 'queue' commands is not supported."));
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'queue' commands is not supported."));
|
||||
consumeUntil(NEWLINE);
|
||||
|
||||
#line 233 "PFCfgParser.cpp"
|
||||
@ -431,7 +431,7 @@ void PFCfgParser::nat_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(NAT);
|
||||
#line 301 "pf.g"
|
||||
#line 313 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
@ -452,7 +452,7 @@ void PFCfgParser::rdr_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(RDR);
|
||||
#line 323 "pf.g"
|
||||
#line 335 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
@ -473,12 +473,12 @@ void PFCfgParser::binat_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(BINAT);
|
||||
#line 312 "pf.g"
|
||||
#line 324 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
importer->addMessageToLog(
|
||||
QString("Error: import of 'binat' commands is not supported."));
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'binat' commands is not supported."));
|
||||
consumeUntil(NEWLINE);
|
||||
|
||||
#line 485 "PFCfgParser.cpp"
|
||||
@ -494,7 +494,7 @@ void PFCfgParser::pass_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(PASS);
|
||||
#line 357 "pf.g"
|
||||
#line 369 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
@ -505,7 +505,7 @@ void PFCfgParser::pass_command() {
|
||||
#line 506 "PFCfgParser.cpp"
|
||||
rule_extended();
|
||||
match(NEWLINE);
|
||||
#line 365 "pf.g"
|
||||
#line 377 "pf.g"
|
||||
|
||||
importer->pushRule();
|
||||
|
||||
@ -522,7 +522,7 @@ void PFCfgParser::block_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(BLOCK);
|
||||
#line 371 "pf.g"
|
||||
#line 383 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
@ -533,7 +533,7 @@ void PFCfgParser::block_command() {
|
||||
#line 534 "PFCfgParser.cpp"
|
||||
rule_extended();
|
||||
match(NEWLINE);
|
||||
#line 379 "pf.g"
|
||||
#line 391 "pf.g"
|
||||
|
||||
importer->pushRule();
|
||||
|
||||
@ -550,7 +550,7 @@ void PFCfgParser::timeout_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(TIMEOUT);
|
||||
#line 334 "pf.g"
|
||||
#line 346 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
@ -571,7 +571,7 @@ void PFCfgParser::unknown_command() {
|
||||
|
||||
try { // for error handling
|
||||
match(WORD);
|
||||
#line 346 "pf.g"
|
||||
#line 358 "pf.g"
|
||||
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
@ -652,6 +652,28 @@ void PFCfgParser::tableaddr_spec() {
|
||||
#line 653 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case PEER:
|
||||
{
|
||||
match(PEER);
|
||||
#line 271 "pf.g"
|
||||
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:peer' is not supported."));
|
||||
|
||||
#line 664 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case INT_CONST:
|
||||
{
|
||||
match(INT_CONST);
|
||||
#line 277 "pf.g"
|
||||
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:0' is not supported."));
|
||||
|
||||
#line 675 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
{
|
||||
throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename());
|
||||
@ -680,33 +702,33 @@ void PFCfgParser::tableaddr_spec() {
|
||||
case SELF:
|
||||
{
|
||||
match(SELF);
|
||||
#line 273 "pf.g"
|
||||
#line 285 "pf.g"
|
||||
|
||||
as.at = AddressSpec::SPECIAL_ADDRESS;
|
||||
as.address = "self";
|
||||
|
||||
#line 689 "PFCfgParser.cpp"
|
||||
#line 711 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case IPV4:
|
||||
{
|
||||
match(IPV4);
|
||||
#line 279 "pf.g"
|
||||
#line 291 "pf.g"
|
||||
|
||||
as.at = AddressSpec::HOST_ADDRESS;
|
||||
as.address = LT(0)->getText();
|
||||
|
||||
#line 700 "PFCfgParser.cpp"
|
||||
#line 722 "PFCfgParser.cpp"
|
||||
{
|
||||
switch ( LA(1)) {
|
||||
case SLASH:
|
||||
{
|
||||
match(SLASH);
|
||||
#line 285 "pf.g"
|
||||
#line 297 "pf.g"
|
||||
|
||||
as.at = AddressSpec::NETWORK_ADDRESS;
|
||||
|
||||
#line 710 "PFCfgParser.cpp"
|
||||
#line 732 "PFCfgParser.cpp"
|
||||
{
|
||||
switch ( LA(1)) {
|
||||
case IPV4:
|
||||
@ -725,11 +747,11 @@ void PFCfgParser::tableaddr_spec() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 289 "pf.g"
|
||||
#line 301 "pf.g"
|
||||
|
||||
as.netmask = LT(0)->getText();
|
||||
|
||||
#line 733 "PFCfgParser.cpp"
|
||||
#line 755 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case WORD:
|
||||
@ -755,11 +777,11 @@ void PFCfgParser::tableaddr_spec() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 294 "pf.g"
|
||||
#line 306 "pf.g"
|
||||
|
||||
importer->tmp_group.push_back(as);
|
||||
|
||||
#line 763 "PFCfgParser.cpp"
|
||||
#line 785 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1096,11 +1118,11 @@ void PFCfgParser::direction() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 397 "pf.g"
|
||||
#line 409 "pf.g"
|
||||
|
||||
importer->direction = LT(0)->getText();
|
||||
|
||||
#line 1104 "PFCfgParser.cpp"
|
||||
#line 1126 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1152,11 +1174,11 @@ void PFCfgParser::logging() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 404 "pf.g"
|
||||
#line 416 "pf.g"
|
||||
|
||||
importer->logging = true;
|
||||
|
||||
#line 1160 "PFCfgParser.cpp"
|
||||
#line 1182 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1169,11 +1191,11 @@ void PFCfgParser::quick() {
|
||||
|
||||
try { // for error handling
|
||||
match(QUICK);
|
||||
#line 426 "pf.g"
|
||||
#line 438 "pf.g"
|
||||
|
||||
importer->quick = true;
|
||||
|
||||
#line 1177 "PFCfgParser.cpp"
|
||||
#line 1199 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1252,11 +1274,11 @@ void PFCfgParser::address_family() {
|
||||
case INET6:
|
||||
{
|
||||
match(INET6);
|
||||
#line 456 "pf.g"
|
||||
#line 468 "pf.g"
|
||||
|
||||
importer->address_family = LT(0)->getText();
|
||||
|
||||
#line 1260 "PFCfgParser.cpp"
|
||||
#line 1282 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -1292,14 +1314,14 @@ void PFCfgParser::hosts() {
|
||||
case ALL:
|
||||
{
|
||||
match(ALL);
|
||||
#line 499 "pf.g"
|
||||
#line 511 "pf.g"
|
||||
|
||||
importer->src_group.push_back(
|
||||
AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0"));
|
||||
importer->dst_group.push_back(
|
||||
AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0"));
|
||||
|
||||
#line 1303 "PFCfgParser.cpp"
|
||||
#line 1325 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case NEWLINE:
|
||||
@ -1453,9 +1475,9 @@ void PFCfgParser::logopts() {
|
||||
for (;;) {
|
||||
if ((LA(1) == COMMA)) {
|
||||
match(COMMA);
|
||||
#line 413 "pf.g"
|
||||
#line 425 "pf.g"
|
||||
importer->logopts += ",";
|
||||
#line 1459 "PFCfgParser.cpp"
|
||||
#line 1481 "PFCfgParser.cpp"
|
||||
logopt();
|
||||
}
|
||||
else {
|
||||
@ -1492,11 +1514,11 @@ void PFCfgParser::logopt() {
|
||||
{
|
||||
match(TO);
|
||||
match(WORD);
|
||||
#line 420 "pf.g"
|
||||
#line 432 "pf.g"
|
||||
|
||||
importer->logopts += LT(0)->getText();
|
||||
|
||||
#line 1500 "PFCfgParser.cpp"
|
||||
#line 1522 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -1513,9 +1535,9 @@ void PFCfgParser::logopt() {
|
||||
|
||||
void PFCfgParser::ifspec() {
|
||||
Tracer traceInOut(this, "ifspec");
|
||||
#line 434 "pf.g"
|
||||
#line 446 "pf.g"
|
||||
InterfaceSpec is;
|
||||
#line 1519 "PFCfgParser.cpp"
|
||||
#line 1541 "PFCfgParser.cpp"
|
||||
|
||||
try { // for error handling
|
||||
{
|
||||
@ -1523,9 +1545,9 @@ void PFCfgParser::ifspec() {
|
||||
case EXLAMATION:
|
||||
{
|
||||
match(EXLAMATION);
|
||||
#line 435 "pf.g"
|
||||
#line 447 "pf.g"
|
||||
is.neg = true;
|
||||
#line 1529 "PFCfgParser.cpp"
|
||||
#line 1551 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case WORD:
|
||||
@ -1539,13 +1561,13 @@ void PFCfgParser::ifspec() {
|
||||
}
|
||||
}
|
||||
match(WORD);
|
||||
#line 437 "pf.g"
|
||||
#line 449 "pf.g"
|
||||
|
||||
is.name = LT(0)->getText();
|
||||
importer->iface_group.push_back(is);
|
||||
importer->newInterface(is.name);
|
||||
|
||||
#line 1549 "PFCfgParser.cpp"
|
||||
#line 1571 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1738,11 +1760,11 @@ void PFCfgParser::proto_name() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 476 "pf.g"
|
||||
#line 488 "pf.g"
|
||||
|
||||
importer->proto_list.push_back(LT(0)->getText());
|
||||
|
||||
#line 1746 "PFCfgParser.cpp"
|
||||
#line 1768 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1755,11 +1777,11 @@ void PFCfgParser::proto_number() {
|
||||
|
||||
try { // for error handling
|
||||
match(INT_CONST);
|
||||
#line 482 "pf.g"
|
||||
#line 494 "pf.g"
|
||||
|
||||
importer->proto_list.push_back(LT(0)->getText());
|
||||
|
||||
#line 1763 "PFCfgParser.cpp"
|
||||
#line 1785 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -1954,13 +1976,13 @@ void PFCfgParser::src_hosts_part() {
|
||||
case URPF_FAILED:
|
||||
{
|
||||
match(URPF_FAILED);
|
||||
#line 522 "pf.g"
|
||||
#line 534 "pf.g"
|
||||
|
||||
importer->tmp_group.push_back(
|
||||
AddressSpec(AddressSpec::SPECIAL_ADDRESS, false,
|
||||
"urpf-failed", ""));
|
||||
|
||||
#line 1964 "PFCfgParser.cpp"
|
||||
#line 1986 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -1969,13 +1991,13 @@ void PFCfgParser::src_hosts_part() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 528 "pf.g"
|
||||
#line 540 "pf.g"
|
||||
|
||||
importer->src_neg = importer->tmp_neg;
|
||||
importer->src_group.splice(importer->src_group.begin(),
|
||||
importer->tmp_group);
|
||||
|
||||
#line 1979 "PFCfgParser.cpp"
|
||||
#line 2001 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2011,12 +2033,12 @@ void PFCfgParser::src_port_part() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 837 "pf.g"
|
||||
#line 858 "pf.g"
|
||||
|
||||
importer->src_port_group.splice(importer->src_port_group.begin(),
|
||||
importer->tmp_port_group);
|
||||
|
||||
#line 2020 "PFCfgParser.cpp"
|
||||
#line 2042 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2029,13 +2051,13 @@ void PFCfgParser::dst_hosts_part() {
|
||||
|
||||
try { // for error handling
|
||||
common_hosts_part();
|
||||
#line 537 "pf.g"
|
||||
#line 549 "pf.g"
|
||||
|
||||
importer->dst_neg = importer->tmp_neg;
|
||||
importer->dst_group.splice(importer->dst_group.begin(),
|
||||
importer->tmp_group);
|
||||
|
||||
#line 2039 "PFCfgParser.cpp"
|
||||
#line 2061 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2071,12 +2093,12 @@ void PFCfgParser::dst_port_part() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 845 "pf.g"
|
||||
#line 866 "pf.g"
|
||||
|
||||
importer->dst_port_group.splice(importer->dst_port_group.begin(),
|
||||
importer->tmp_port_group);
|
||||
|
||||
#line 2080 "PFCfgParser.cpp"
|
||||
#line 2102 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2092,23 +2114,23 @@ void PFCfgParser::common_hosts_part() {
|
||||
case ANY:
|
||||
{
|
||||
match(ANY);
|
||||
#line 546 "pf.g"
|
||||
#line 558 "pf.g"
|
||||
|
||||
importer->tmp_group.push_back(
|
||||
AddressSpec(AddressSpec::ANY, false, "0.0.0.0", "0.0.0.0"));
|
||||
|
||||
#line 2101 "PFCfgParser.cpp"
|
||||
#line 2123 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case NO_ROUTE:
|
||||
{
|
||||
match(NO_ROUTE);
|
||||
#line 552 "pf.g"
|
||||
#line 564 "pf.g"
|
||||
|
||||
importer->tmp_group.push_back(
|
||||
AddressSpec(AddressSpec::SPECIAL_ADDRESS, false, "no-route", ""));
|
||||
|
||||
#line 2112 "PFCfgParser.cpp"
|
||||
#line 2134 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case WORD:
|
||||
@ -2141,9 +2163,9 @@ void PFCfgParser::common_hosts_part() {
|
||||
void PFCfgParser::host() {
|
||||
Tracer traceInOut(this, "host");
|
||||
ANTLR_USE_NAMESPACE(antlr)RefToken tn = ANTLR_USE_NAMESPACE(antlr)nullToken;
|
||||
#line 562 "pf.g"
|
||||
#line 574 "pf.g"
|
||||
AddressSpec as;
|
||||
#line 2147 "PFCfgParser.cpp"
|
||||
#line 2169 "PFCfgParser.cpp"
|
||||
|
||||
try { // for error handling
|
||||
{
|
||||
@ -2151,9 +2173,9 @@ void PFCfgParser::host() {
|
||||
case EXLAMATION:
|
||||
{
|
||||
match(EXLAMATION);
|
||||
#line 563 "pf.g"
|
||||
#line 575 "pf.g"
|
||||
as.neg = true;
|
||||
#line 2157 "PFCfgParser.cpp"
|
||||
#line 2179 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case WORD:
|
||||
@ -2175,13 +2197,13 @@ void PFCfgParser::host() {
|
||||
case WORD:
|
||||
{
|
||||
match(WORD);
|
||||
#line 566 "pf.g"
|
||||
#line 578 "pf.g"
|
||||
|
||||
// interface name or domain/host name
|
||||
as.at = AddressSpec::INTERFACE_NAME;
|
||||
as.address = LT(0)->getText();
|
||||
|
||||
#line 2185 "PFCfgParser.cpp"
|
||||
#line 2207 "PFCfgParser.cpp"
|
||||
{
|
||||
switch ( LA(1)) {
|
||||
case COLON:
|
||||
@ -2192,21 +2214,43 @@ void PFCfgParser::host() {
|
||||
case NETWORK:
|
||||
{
|
||||
match(NETWORK);
|
||||
#line 575 "pf.g"
|
||||
#line 587 "pf.g"
|
||||
|
||||
as.at = AddressSpec::INTERFACE_NETWORK;
|
||||
|
||||
#line 2200 "PFCfgParser.cpp"
|
||||
#line 2222 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case BROADCAST:
|
||||
{
|
||||
match(BROADCAST);
|
||||
#line 580 "pf.g"
|
||||
#line 592 "pf.g"
|
||||
|
||||
as.at = AddressSpec::INTERFACE_BROADCAST;
|
||||
|
||||
#line 2210 "PFCfgParser.cpp"
|
||||
#line 2232 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case PEER:
|
||||
{
|
||||
match(PEER);
|
||||
#line 597 "pf.g"
|
||||
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:peer' is not supported."));
|
||||
|
||||
#line 2243 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case INT_CONST:
|
||||
{
|
||||
match(INT_CONST);
|
||||
#line 603 "pf.g"
|
||||
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:0' is not supported."));
|
||||
|
||||
#line 2254 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -2248,45 +2292,44 @@ void PFCfgParser::host() {
|
||||
case SELF:
|
||||
{
|
||||
match(SELF);
|
||||
#line 587 "pf.g"
|
||||
#line 611 "pf.g"
|
||||
|
||||
as.at = AddressSpec::SPECIAL_ADDRESS;
|
||||
as.address = "self";
|
||||
|
||||
#line 2257 "PFCfgParser.cpp"
|
||||
#line 2301 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case IPV6:
|
||||
{
|
||||
match(IPV6);
|
||||
#line 593 "pf.g"
|
||||
#line 617 "pf.g"
|
||||
|
||||
importer->addMessageToLog(
|
||||
QString("Error: IPv6 import is not supported. "));
|
||||
importer->addMessageToLog(QString("IPv6 import is not supported. "));
|
||||
consumeUntil(NEWLINE);
|
||||
|
||||
#line 2269 "PFCfgParser.cpp"
|
||||
#line 2312 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case IPV4:
|
||||
{
|
||||
match(IPV4);
|
||||
#line 600 "pf.g"
|
||||
#line 623 "pf.g"
|
||||
|
||||
as.at = AddressSpec::HOST_ADDRESS;
|
||||
as.address = LT(0)->getText();
|
||||
|
||||
#line 2280 "PFCfgParser.cpp"
|
||||
#line 2323 "PFCfgParser.cpp"
|
||||
{
|
||||
switch ( LA(1)) {
|
||||
case SLASH:
|
||||
{
|
||||
match(SLASH);
|
||||
#line 606 "pf.g"
|
||||
#line 629 "pf.g"
|
||||
|
||||
as.at = AddressSpec::NETWORK_ADDRESS;
|
||||
|
||||
#line 2290 "PFCfgParser.cpp"
|
||||
#line 2333 "PFCfgParser.cpp"
|
||||
{
|
||||
switch ( LA(1)) {
|
||||
case IPV4:
|
||||
@ -2305,11 +2348,11 @@ void PFCfgParser::host() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 610 "pf.g"
|
||||
#line 633 "pf.g"
|
||||
|
||||
as.netmask = LT(0)->getText();
|
||||
|
||||
#line 2313 "PFCfgParser.cpp"
|
||||
#line 2356 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case NEWLINE:
|
||||
@ -2346,12 +2389,12 @@ void PFCfgParser::host() {
|
||||
tn = LT(1);
|
||||
match(WORD);
|
||||
match(GREATER_THAN);
|
||||
#line 616 "pf.g"
|
||||
#line 639 "pf.g"
|
||||
|
||||
as.at = AddressSpec::TABLE;
|
||||
as.address = tn->getText();
|
||||
|
||||
#line 2355 "PFCfgParser.cpp"
|
||||
#line 2398 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -2360,11 +2403,11 @@ void PFCfgParser::host() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 621 "pf.g"
|
||||
#line 644 "pf.g"
|
||||
|
||||
importer->tmp_group.push_back(as);
|
||||
|
||||
#line 2368 "PFCfgParser.cpp"
|
||||
#line 2411 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2422,11 +2465,11 @@ void PFCfgParser::route_to() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 643 "pf.g"
|
||||
#line 666 "pf.g"
|
||||
|
||||
importer->route_type = PFImporter::ROUTE_TO;
|
||||
|
||||
#line 2430 "PFCfgParser.cpp"
|
||||
#line 2473 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2457,11 +2500,11 @@ void PFCfgParser::reply_to() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 650 "pf.g"
|
||||
#line 673 "pf.g"
|
||||
|
||||
importer->route_type = PFImporter::REPLY_TO;
|
||||
|
||||
#line 2465 "PFCfgParser.cpp"
|
||||
#line 2508 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2475,16 +2518,16 @@ void PFCfgParser::routehost() {
|
||||
ANTLR_USE_NAMESPACE(antlr)RefToken v6 = ANTLR_USE_NAMESPACE(antlr)nullToken;
|
||||
ANTLR_USE_NAMESPACE(antlr)RefToken nm = ANTLR_USE_NAMESPACE(antlr)nullToken;
|
||||
ANTLR_USE_NAMESPACE(antlr)RefToken nm6 = ANTLR_USE_NAMESPACE(antlr)nullToken;
|
||||
#line 655 "pf.g"
|
||||
#line 678 "pf.g"
|
||||
RouteSpec rs;
|
||||
#line 2481 "PFCfgParser.cpp"
|
||||
#line 2524 "PFCfgParser.cpp"
|
||||
|
||||
try { // for error handling
|
||||
match(OPENING_PAREN);
|
||||
match(WORD);
|
||||
#line 657 "pf.g"
|
||||
#line 680 "pf.g"
|
||||
rs.iface = LT(0)->getText();
|
||||
#line 2488 "PFCfgParser.cpp"
|
||||
#line 2531 "PFCfgParser.cpp"
|
||||
{
|
||||
switch ( LA(1)) {
|
||||
case IPV4:
|
||||
@ -2542,12 +2585,11 @@ void PFCfgParser::routehost() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 659 "pf.g"
|
||||
#line 682 "pf.g"
|
||||
|
||||
if (v6)
|
||||
{
|
||||
importer->addMessageToLog(
|
||||
QString("Error: IPv6 import is not supported. "));
|
||||
importer->addMessageToLog(QString("IPv6 import is not supported. "));
|
||||
consumeUntil(NEWLINE);
|
||||
} else
|
||||
{
|
||||
@ -2556,7 +2598,7 @@ void PFCfgParser::routehost() {
|
||||
importer->route_group.push_back(rs);
|
||||
}
|
||||
|
||||
#line 2560 "PFCfgParser.cpp"
|
||||
#line 2602 "PFCfgParser.cpp"
|
||||
match(CLOSING_PAREN);
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
@ -2681,12 +2723,12 @@ void PFCfgParser::tcp_flags() {
|
||||
case ANY:
|
||||
{
|
||||
match(ANY);
|
||||
#line 716 "pf.g"
|
||||
#line 738 "pf.g"
|
||||
|
||||
importer->flags_check = "any";
|
||||
importer->flags_mask = "all";
|
||||
importer->flags_check = "none";
|
||||
importer->flags_mask = "none";
|
||||
|
||||
#line 2690 "PFCfgParser.cpp"
|
||||
#line 2732 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case WORD:
|
||||
@ -2742,7 +2784,7 @@ void PFCfgParser::tcp_flags() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 722 "pf.g"
|
||||
#line 744 "pf.g"
|
||||
|
||||
if (check)
|
||||
importer->flags_check = check->getText();
|
||||
@ -2753,7 +2795,7 @@ void PFCfgParser::tcp_flags() {
|
||||
else
|
||||
importer->flags_mask = "all";
|
||||
|
||||
#line 2757 "PFCfgParser.cpp"
|
||||
#line 2799 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -2805,13 +2847,12 @@ void PFCfgParser::icmp6_type() {
|
||||
|
||||
try { // for error handling
|
||||
match(ICMP6_TYPE);
|
||||
#line 776 "pf.g"
|
||||
#line 798 "pf.g"
|
||||
|
||||
importer->addMessageToLog(
|
||||
QString("Error: ICMP6 import is not supported. "));
|
||||
importer->addMessageToLog(QString("ICMP6 import is not supported. "));
|
||||
consumeUntil(NEWLINE);
|
||||
|
||||
#line 2815 "PFCfgParser.cpp"
|
||||
#line 2856 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2828,9 +2869,9 @@ void PFCfgParser::tagged() {
|
||||
case EXLAMATION:
|
||||
{
|
||||
match(EXLAMATION);
|
||||
#line 784 "pf.g"
|
||||
#line 805 "pf.g"
|
||||
importer->tagged_neg = true;
|
||||
#line 2834 "PFCfgParser.cpp"
|
||||
#line 2875 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case TAGGED:
|
||||
@ -2845,11 +2886,11 @@ void PFCfgParser::tagged() {
|
||||
}
|
||||
match(TAGGED);
|
||||
match(WORD);
|
||||
#line 786 "pf.g"
|
||||
#line 807 "pf.g"
|
||||
|
||||
importer->tagged = LT(0)->getText();
|
||||
|
||||
#line 2853 "PFCfgParser.cpp"
|
||||
#line 2894 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2863,11 +2904,11 @@ void PFCfgParser::tag_clause() {
|
||||
try { // for error handling
|
||||
match(TAG);
|
||||
match(WORD);
|
||||
#line 793 "pf.g"
|
||||
#line 814 "pf.g"
|
||||
|
||||
importer->tag = LT(0)->getText();
|
||||
|
||||
#line 2871 "PFCfgParser.cpp"
|
||||
#line 2912 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -2907,11 +2948,11 @@ void PFCfgParser::state() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 808 "pf.g"
|
||||
#line 829 "pf.g"
|
||||
|
||||
importer->state_op = LT(0)->getText();
|
||||
|
||||
#line 2915 "PFCfgParser.cpp"
|
||||
#line 2956 "PFCfgParser.cpp"
|
||||
match(STATE);
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
@ -2930,29 +2971,29 @@ void PFCfgParser::queue() {
|
||||
case WORD:
|
||||
{
|
||||
match(WORD);
|
||||
#line 817 "pf.g"
|
||||
#line 838 "pf.g"
|
||||
importer->queue += LT(0)->getText();
|
||||
#line 2936 "PFCfgParser.cpp"
|
||||
#line 2977 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case OPENING_PAREN:
|
||||
{
|
||||
match(OPENING_PAREN);
|
||||
match(WORD);
|
||||
#line 820 "pf.g"
|
||||
#line 841 "pf.g"
|
||||
importer->queue += LT(0)->getText();
|
||||
#line 2945 "PFCfgParser.cpp"
|
||||
#line 2986 "PFCfgParser.cpp"
|
||||
{ // ( ... )*
|
||||
for (;;) {
|
||||
if ((LA(1) == COMMA)) {
|
||||
match(COMMA);
|
||||
#line 822 "pf.g"
|
||||
#line 843 "pf.g"
|
||||
importer->queue += ",";
|
||||
#line 2952 "PFCfgParser.cpp"
|
||||
#line 2993 "PFCfgParser.cpp"
|
||||
match(WORD);
|
||||
#line 823 "pf.g"
|
||||
#line 844 "pf.g"
|
||||
importer->queue += LT(0)->getText();
|
||||
#line 2956 "PFCfgParser.cpp"
|
||||
#line 2997 "PFCfgParser.cpp"
|
||||
}
|
||||
else {
|
||||
goto _loop135;
|
||||
@ -2992,9 +3033,9 @@ void PFCfgParser::label() {
|
||||
|
||||
void PFCfgParser::icmp_type_code() {
|
||||
Tracer traceInOut(this, "icmp_type_code");
|
||||
#line 744 "pf.g"
|
||||
#line 766 "pf.g"
|
||||
IcmpSpec is;
|
||||
#line 2998 "PFCfgParser.cpp"
|
||||
#line 3039 "PFCfgParser.cpp"
|
||||
|
||||
try { // for error handling
|
||||
{
|
||||
@ -3002,17 +3043,17 @@ void PFCfgParser::icmp_type_code() {
|
||||
case WORD:
|
||||
{
|
||||
match(WORD);
|
||||
#line 746 "pf.g"
|
||||
#line 768 "pf.g"
|
||||
is.icmp_type_name = LT(0)->getText();
|
||||
#line 3008 "PFCfgParser.cpp"
|
||||
#line 3049 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case INT_CONST:
|
||||
{
|
||||
match(INT_CONST);
|
||||
#line 748 "pf.g"
|
||||
#line 770 "pf.g"
|
||||
is.icmp_type_int = LT(0)->getText();
|
||||
#line 3016 "PFCfgParser.cpp"
|
||||
#line 3057 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -3031,17 +3072,17 @@ void PFCfgParser::icmp_type_code() {
|
||||
case WORD:
|
||||
{
|
||||
match(WORD);
|
||||
#line 753 "pf.g"
|
||||
#line 775 "pf.g"
|
||||
is.icmp_code_name = LT(0)->getText();
|
||||
#line 3037 "PFCfgParser.cpp"
|
||||
#line 3078 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case INT_CONST:
|
||||
{
|
||||
match(INT_CONST);
|
||||
#line 755 "pf.g"
|
||||
#line 777 "pf.g"
|
||||
is.icmp_code_int = LT(0)->getText();
|
||||
#line 3045 "PFCfgParser.cpp"
|
||||
#line 3086 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -3078,11 +3119,11 @@ void PFCfgParser::icmp_type_code() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 758 "pf.g"
|
||||
#line 780 "pf.g"
|
||||
|
||||
importer->icmp_type_code_group.push_back(is);
|
||||
|
||||
#line 3086 "PFCfgParser.cpp"
|
||||
#line 3127 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -3136,9 +3177,9 @@ void PFCfgParser::icmp_list() {
|
||||
|
||||
void PFCfgParser::port_op() {
|
||||
Tracer traceInOut(this, "port_op");
|
||||
#line 877 "pf.g"
|
||||
#line 898 "pf.g"
|
||||
PortSpec ps;
|
||||
#line 3142 "PFCfgParser.cpp"
|
||||
#line 3183 "PFCfgParser.cpp"
|
||||
|
||||
try { // for error handling
|
||||
{
|
||||
@ -3149,39 +3190,39 @@ void PFCfgParser::port_op() {
|
||||
case EXLAMATION:
|
||||
{
|
||||
unary_port_op();
|
||||
#line 879 "pf.g"
|
||||
#line 900 "pf.g"
|
||||
ps.port_op = importer->tmp_port_op;
|
||||
#line 3155 "PFCfgParser.cpp"
|
||||
#line 3196 "PFCfgParser.cpp"
|
||||
port_def();
|
||||
#line 881 "pf.g"
|
||||
#line 902 "pf.g"
|
||||
|
||||
ps.port1 = importer->tmp_port_def;
|
||||
ps.port2 = importer->tmp_port_def;
|
||||
|
||||
#line 3162 "PFCfgParser.cpp"
|
||||
#line 3203 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case WORD:
|
||||
case INT_CONST:
|
||||
{
|
||||
port_def();
|
||||
#line 887 "pf.g"
|
||||
#line 908 "pf.g"
|
||||
|
||||
ps.port1 = importer->tmp_port_def;
|
||||
ps.port2 = ps.port1;
|
||||
ps.port_op = "=";
|
||||
|
||||
#line 3175 "PFCfgParser.cpp"
|
||||
#line 3216 "PFCfgParser.cpp"
|
||||
{
|
||||
if ((LA(1) == LESS_THAN || LA(1) == GREATER_THAN || LA(1) == COLON) && (_tokenSet_33.member(LA(2)))) {
|
||||
binary_port_op();
|
||||
#line 893 "pf.g"
|
||||
#line 914 "pf.g"
|
||||
ps.port_op = importer->tmp_port_op;
|
||||
#line 3181 "PFCfgParser.cpp"
|
||||
#line 3222 "PFCfgParser.cpp"
|
||||
port_def();
|
||||
#line 894 "pf.g"
|
||||
#line 915 "pf.g"
|
||||
ps.port2 = LT(0)->getText();
|
||||
#line 3185 "PFCfgParser.cpp"
|
||||
#line 3226 "PFCfgParser.cpp"
|
||||
}
|
||||
else if ((_tokenSet_34.member(LA(1))) && (_tokenSet_35.member(LA(2)))) {
|
||||
}
|
||||
@ -3198,11 +3239,11 @@ void PFCfgParser::port_op() {
|
||||
}
|
||||
}
|
||||
}
|
||||
#line 897 "pf.g"
|
||||
#line 918 "pf.g"
|
||||
|
||||
importer->tmp_port_group.push_back(ps);
|
||||
|
||||
#line 3206 "PFCfgParser.cpp"
|
||||
#line 3247 "PFCfgParser.cpp"
|
||||
}
|
||||
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
|
||||
reportError(ex);
|
||||
@ -3267,46 +3308,46 @@ void PFCfgParser::unary_port_op() {
|
||||
case EQUAL:
|
||||
{
|
||||
match(EQUAL);
|
||||
#line 853 "pf.g"
|
||||
#line 874 "pf.g"
|
||||
importer->tmp_port_op = "=";
|
||||
#line 3273 "PFCfgParser.cpp"
|
||||
#line 3314 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case EXLAMATION:
|
||||
{
|
||||
match(EXLAMATION);
|
||||
match(EQUAL);
|
||||
#line 855 "pf.g"
|
||||
#line 876 "pf.g"
|
||||
importer->tmp_port_op = "!=";
|
||||
#line 3282 "PFCfgParser.cpp"
|
||||
#line 3323 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
if ((LA(1) == LESS_THAN) && (LA(2) == WORD || LA(2) == INT_CONST)) {
|
||||
match(LESS_THAN);
|
||||
#line 857 "pf.g"
|
||||
#line 878 "pf.g"
|
||||
importer->tmp_port_op = "<";
|
||||
#line 3290 "PFCfgParser.cpp"
|
||||
#line 3331 "PFCfgParser.cpp"
|
||||
}
|
||||
else if ((LA(1) == LESS_THAN) && (LA(2) == EQUAL)) {
|
||||
match(LESS_THAN);
|
||||
match(EQUAL);
|
||||
#line 859 "pf.g"
|
||||
#line 880 "pf.g"
|
||||
importer->tmp_port_op = "<=";
|
||||
#line 3297 "PFCfgParser.cpp"
|
||||
#line 3338 "PFCfgParser.cpp"
|
||||
}
|
||||
else if ((LA(1) == GREATER_THAN) && (LA(2) == WORD || LA(2) == INT_CONST)) {
|
||||
match(GREATER_THAN);
|
||||
#line 861 "pf.g"
|
||||
#line 882 "pf.g"
|
||||
importer->tmp_port_op = ">";
|
||||
#line 3303 "PFCfgParser.cpp"
|
||||
#line 3344 "PFCfgParser.cpp"
|
||||
}
|
||||
else if ((LA(1) == GREATER_THAN) && (LA(2) == EQUAL)) {
|
||||
match(GREATER_THAN);
|
||||
match(EQUAL);
|
||||
#line 863 "pf.g"
|
||||
#line 884 "pf.g"
|
||||
importer->tmp_port_op = ">=";
|
||||
#line 3310 "PFCfgParser.cpp"
|
||||
#line 3351 "PFCfgParser.cpp"
|
||||
}
|
||||
else {
|
||||
throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename());
|
||||
@ -3330,26 +3371,26 @@ void PFCfgParser::binary_port_op() {
|
||||
{
|
||||
match(LESS_THAN);
|
||||
match(GREATER_THAN);
|
||||
#line 869 "pf.g"
|
||||
#line 890 "pf.g"
|
||||
importer->tmp_port_op = "<>";
|
||||
#line 3336 "PFCfgParser.cpp"
|
||||
#line 3377 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case GREATER_THAN:
|
||||
{
|
||||
match(GREATER_THAN);
|
||||
match(LESS_THAN);
|
||||
#line 871 "pf.g"
|
||||
#line 892 "pf.g"
|
||||
importer->tmp_port_op = "><";
|
||||
#line 3345 "PFCfgParser.cpp"
|
||||
#line 3386 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
case COLON:
|
||||
{
|
||||
match(COLON);
|
||||
#line 873 "pf.g"
|
||||
#line 894 "pf.g"
|
||||
importer->tmp_port_op = ":";
|
||||
#line 3353 "PFCfgParser.cpp"
|
||||
#line 3394 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -3378,11 +3419,11 @@ void PFCfgParser::port_def() {
|
||||
case INT_CONST:
|
||||
{
|
||||
match(INT_CONST);
|
||||
#line 904 "pf.g"
|
||||
#line 925 "pf.g"
|
||||
|
||||
importer->tmp_port_def = LT(0)->getText();
|
||||
|
||||
#line 3386 "PFCfgParser.cpp"
|
||||
#line 3427 "PFCfgParser.cpp"
|
||||
break;
|
||||
}
|
||||
default:
|
||||
@ -3429,10 +3470,11 @@ const char* PFCfgParser::tokenNames[] = {
|
||||
"COLON",
|
||||
"\"network\"",
|
||||
"\"broadcast\"",
|
||||
"\"peer\"",
|
||||
"INT_CONST",
|
||||
"\"self\"",
|
||||
"IPV4",
|
||||
"SLASH",
|
||||
"INT_CONST",
|
||||
"\"nat\"",
|
||||
"\"binat\"",
|
||||
"\"rdr\"",
|
||||
@ -3501,7 +3543,6 @@ const char* PFCfgParser::tokenNames[] = {
|
||||
"\"rip\"",
|
||||
"\"snp\"",
|
||||
"\"host\"",
|
||||
"\"peer\"",
|
||||
"\"range\"",
|
||||
"\"alerts\"",
|
||||
"\"critical\"",
|
||||
@ -3544,37 +3585,37 @@ const char* PFCfgParser::tokenNames[] = {
|
||||
0
|
||||
};
|
||||
|
||||
const unsigned long PFCfgParser::_tokenSet_0_data_[] = { 16242UL, 63UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_0_data_[] = { 16242UL, 126UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF NEWLINE LINE_COMMENT WORD "antispoof" "altq" "queue" "set" "scrub"
|
||||
// "table" "nat" "binat" "rdr" "timeout" "pass" "block"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_0(_tokenSet_0_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_1_data_[] = { 2UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_1(_tokenSet_1_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_2_data_[] = { 826277952UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_2_data_[] = { 3242197056UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD COMMA EXLAMATION "self" IPV4
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_2(_tokenSet_2_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_3_data_[] = { 834666560UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_3_data_[] = { 3250585664UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD COMMA CLOSING_BRACE EXLAMATION "self" IPV4
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_3(_tokenSet_3_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_4_data_[] = { 16778256UL, 10240UL, 3140616UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_4_data_[] = { 16778256UL, 20480UL, 6281232UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "all" "to" "from" "flags" "icmp-type" "icmp6-type"
|
||||
// "tagged" "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_4(_tokenSet_4_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_5_data_[] = { 4050681714UL, 8767UL, 8383728UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_5_data_[] = { 3782246258UL, 17535UL, 16767456UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF NEWLINE LINE_COMMENT WORD "antispoof" "altq" "queue" "set" "scrub"
|
||||
// "table" LESS_THAN STRING OPENING_BRACE COMMA EXLAMATION "self" IPV4
|
||||
// SLASH INT_CONST "nat" "binat" "rdr" "timeout" "pass" "block" OPENING_PAREN
|
||||
// "table" LESS_THAN STRING OPENING_BRACE COMMA EXLAMATION INT_CONST "self"
|
||||
// IPV4 SLASH "nat" "binat" "rdr" "timeout" "pass" "block" OPENING_PAREN
|
||||
// "to" "urpf-failed" "any" "no-route" IPV6 "flags" "icmp-type" "icmp6-type"
|
||||
// "tagged" "tag" "no" "keep" "modulate" "synproxy" "state" "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_5(_tokenSet_5_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_6_data_[] = { 16778256UL, 0UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_6_data_[] = { 16778256UL, 0UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_6(_tokenSet_6_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_7_data_[] = { 3245358962UL, 575UL, 4189216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_7_data_[] = { 561004402UL, 1151UL, 8378432UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF NEWLINE LINE_COMMENT WORD "antispoof" "altq" "queue" "set" "scrub"
|
||||
// "table" STRING OPENING_BRACE COMMA EXLAMATION SLASH INT_CONST "nat"
|
||||
// "table" STRING OPENING_BRACE COMMA EXLAMATION INT_CONST SLASH "nat"
|
||||
// "binat" "rdr" "timeout" "pass" "block" OPENING_PAREN "any" "flags" "icmp-type"
|
||||
// "icmp6-type" "tagged" "tag" "no" "keep" "modulate" "synproxy" "state"
|
||||
// "label"
|
||||
@ -3582,143 +3623,143 @@ const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_7(_tokenSet_7_data
|
||||
const unsigned long PFCfgParser::_tokenSet_8_data_[] = { 16UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_8(_tokenSet_8_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_9_data_[] = { 16778256UL, 518400UL, 3141384UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_9_data_[] = { 16778256UL, 1036800UL, 6282768UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "log" "all" "to" "quick" "on" "inet" "inet6"
|
||||
// "proto" "from" "route-to" "reply-to" "flags" "icmp-type" "icmp6-type"
|
||||
// "tagged" "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_9(_tokenSet_9_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_10_data_[] = { 16778256UL, 518144UL, 3141384UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_10_data_[] = { 16778256UL, 1036288UL, 6282768UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "all" "to" "quick" "on" "inet" "inet6" "proto"
|
||||
// "from" "route-to" "reply-to" "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_10(_tokenSet_10_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_11_data_[] = { 16778256UL, 501760UL, 3141384UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_11_data_[] = { 16778256UL, 1003520UL, 6282768UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "all" "to" "on" "inet" "inet6" "proto" "from"
|
||||
// "route-to" "reply-to" "flags" "icmp-type" "icmp6-type" "tagged" "tag"
|
||||
// "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_11(_tokenSet_11_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_12_data_[] = { 16778256UL, 468992UL, 3141384UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_12_data_[] = { 16778256UL, 937984UL, 6282768UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "all" "to" "inet" "inet6" "proto" "from"
|
||||
// "route-to" "reply-to" "flags" "icmp-type" "icmp6-type" "tagged" "tag"
|
||||
// "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_12(_tokenSet_12_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_13_data_[] = { 16778256UL, 468992UL, 3140616UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_13_data_[] = { 16778256UL, 937984UL, 6281232UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "all" "to" "inet" "inet6" "proto" "from"
|
||||
// "flags" "icmp-type" "icmp6-type" "tagged" "tag" "no" "keep" "modulate"
|
||||
// "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_13(_tokenSet_13_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_14_data_[] = { 16778256UL, 272384UL, 3140616UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_14_data_[] = { 16778256UL, 544768UL, 6281232UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "all" "to" "proto" "from" "flags" "icmp-type"
|
||||
// "icmp6-type" "tagged" "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_14(_tokenSet_14_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_15_data_[] = { 20972544UL, 0UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_15_data_[] = { 20972544UL, 0UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// "queue" COMMA EXLAMATION "flags" "icmp-type" "icmp6-type" "tagged" "tag"
|
||||
// "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_15(_tokenSet_15_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_16_data_[] = { 4194304UL, 1024UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_16_data_[] = { 4194304UL, 2048UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// COMMA CLOSING_PAREN
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_16(_tokenSet_16_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_17_data_[] = { 29361232UL, 468992UL, 3141384UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_17_data_[] = { 29361232UL, 937984UL, 6282768UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE WORD "queue" COMMA CLOSING_BRACE EXLAMATION "all" "to" "inet"
|
||||
// "inet6" "proto" "from" "route-to" "reply-to" "flags" "icmp-type" "icmp6-type"
|
||||
// "tagged" "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_17(_tokenSet_17_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_18_data_[] = { 2178941968UL, 4294453248UL, 3140623UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_18_data_[] = { 568329232UL, 4293939200UL, 6281247UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" OPENING_BRACE COMMA CLOSING_BRACE EXLAMATION INT_CONST
|
||||
// "all" "to" "ip" "icmp" "igmp" "tcp" "udp" "rdp" "rsvp" "gre" "esp" "ah"
|
||||
// "eigrp" "ospf" "ipip" "vrrp" "l2tp" "isis" "from" "flags" "icmp-type"
|
||||
// "icmp6-type" "tagged" "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_18(_tokenSet_18_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_19_data_[] = { 2153775104UL, 4294443008UL, 7UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_19_data_[] = { 543162368UL, 4293918720UL, 15UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// OPENING_BRACE COMMA INT_CONST "ip" "icmp" "igmp" "tcp" "udp" "rdp" "rsvp"
|
||||
// "gre" "esp" "ah" "eigrp" "ospf" "ipip" "vrrp" "l2tp" "isis"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_19(_tokenSet_19_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_20_data_[] = { 824197184UL, 0UL, 240UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_20_data_[] = { 3240116288UL, 0UL, 480UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD LESS_THAN OPENING_BRACE EXLAMATION "self" IPV4 "urpf-failed" "any"
|
||||
// "no-route" IPV6
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_20(_tokenSet_20_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_21_data_[] = { 1929397328UL, 8192UL, 7335040UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_21_data_[] = { 3271574608UL, 16385UL, 14670080UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE WORD "queue" LESS_THAN EXLAMATION COLON "self" IPV4 SLASH "to"
|
||||
// IPV6 "flags" "icmp-type" "icmp6-type" "tagged" "tag" "no" "keep" "modulate"
|
||||
// "synproxy" "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_21(_tokenSet_21_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_22_data_[] = { 16778256UL, 8192UL, 7334912UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_22_data_[] = { 16778256UL, 16384UL, 14669824UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "to" "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_22(_tokenSet_22_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_23_data_[] = { 4050714610UL, 575UL, 8383712UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_23_data_[] = { 3782279154UL, 1151UL, 16767424UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF NEWLINE LINE_COMMENT WORD EQUAL "antispoof" "altq" "queue" "set"
|
||||
// "scrub" "table" LESS_THAN GREATER_THAN STRING OPENING_BRACE COMMA EXLAMATION
|
||||
// "self" IPV4 SLASH INT_CONST "nat" "binat" "rdr" "timeout" "pass" "block"
|
||||
// INT_CONST "self" IPV4 SLASH "nat" "binat" "rdr" "timeout" "pass" "block"
|
||||
// OPENING_PAREN "any" "no-route" IPV6 "flags" "icmp-type" "icmp6-type"
|
||||
// "tagged" "tag" "no" "keep" "modulate" "synproxy" "state" "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_23(_tokenSet_23_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_24_data_[] = { 16778256UL, 8192UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_24_data_[] = { 16778256UL, 16384UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "to" "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_24(_tokenSet_24_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_25_data_[] = { 824197184UL, 0UL, 224UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_25_data_[] = { 3240116288UL, 0UL, 448UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD LESS_THAN OPENING_BRACE EXLAMATION "self" IPV4 "any" "no-route"
|
||||
// IPV6
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_25(_tokenSet_25_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_26_data_[] = { 1929397328UL, 0UL, 7335040UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_26_data_[] = { 3271574608UL, 1UL, 14670080UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE WORD "queue" LESS_THAN EXLAMATION COLON "self" IPV4 SLASH IPV6
|
||||
// "flags" "icmp-type" "icmp6-type" "tagged" "tag" "no" "keep" "modulate"
|
||||
// "synproxy" "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_26(_tokenSet_26_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_27_data_[] = { 16778256UL, 0UL, 7334912UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_27_data_[] = { 16778256UL, 0UL, 14669824UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" EXLAMATION "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_27(_tokenSet_27_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_28_data_[] = { 3245408242UL, 575UL, 4189216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_28_data_[] = { 561053682UL, 1151UL, 8378432UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF NEWLINE LINE_COMMENT WORD EQUAL "antispoof" "altq" "queue" "set"
|
||||
// "scrub" "table" LESS_THAN GREATER_THAN STRING OPENING_BRACE COMMA EXLAMATION
|
||||
// SLASH INT_CONST "nat" "binat" "rdr" "timeout" "pass" "block" OPENING_PAREN
|
||||
// INT_CONST SLASH "nat" "binat" "rdr" "timeout" "pass" "block" OPENING_PAREN
|
||||
// "any" "flags" "icmp-type" "icmp6-type" "tagged" "tag" "no" "keep" "modulate"
|
||||
// "synproxy" "state" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_28(_tokenSet_28_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_29_data_[] = { 29361168UL, 8192UL, 7334912UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_29_data_[] = { 29361168UL, 16384UL, 14669824UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" COMMA CLOSING_BRACE EXLAMATION "to" "flags" "icmp-type"
|
||||
// "icmp6-type" "tagged" "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
// "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_29(_tokenSet_29_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_30_data_[] = { 29361168UL, 469504UL, 3140616UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_30_data_[] = { 29361168UL, 939008UL, 6281232UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" COMMA CLOSING_BRACE EXLAMATION OPENING_PAREN "all" "to"
|
||||
// "inet" "inet6" "proto" "from" "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_30(_tokenSet_30_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_31_data_[] = { 20972560UL, 0UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_31_data_[] = { 20972560UL, 0UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE "queue" COMMA EXLAMATION "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_31(_tokenSet_31_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_32_data_[] = { 2176844880UL, 0UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_32_data_[] = { 566232144UL, 0UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE WORD "queue" COMMA CLOSING_BRACE EXLAMATION INT_CONST "flags"
|
||||
// "icmp-type" "icmp6-type" "tagged" "tag" "no" "keep" "modulate" "synproxy"
|
||||
// "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_32(_tokenSet_32_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_33_data_[] = { 2147532864UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_33_data_[] = { 536920128UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD LESS_THAN GREATER_THAN INT_CONST
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_33(_tokenSet_33_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_34_data_[] = { 2176894160UL, 8192UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_34_data_[] = { 566281424UL, 16384UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE WORD EQUAL "queue" LESS_THAN GREATER_THAN COMMA CLOSING_BRACE
|
||||
// EXLAMATION INT_CONST "to" "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_34(_tokenSet_34_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_35_data_[] = { 4092657650UL, 8767UL, 8383712UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_35_data_[] = { 3824222194UL, 17535UL, 16767424UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// EOF NEWLINE LINE_COMMENT WORD EQUAL "antispoof" "altq" "queue" "set"
|
||||
// "scrub" "table" LESS_THAN GREATER_THAN STRING OPENING_BRACE COMMA CLOSING_BRACE
|
||||
// EXLAMATION COLON "self" IPV4 SLASH INT_CONST "nat" "binat" "rdr" "timeout"
|
||||
// EXLAMATION COLON INT_CONST "self" IPV4 SLASH "nat" "binat" "rdr" "timeout"
|
||||
// "pass" "block" OPENING_PAREN "to" "any" "no-route" IPV6 "flags" "icmp-type"
|
||||
// "icmp6-type" "tagged" "tag" "no" "keep" "modulate" "synproxy" "state"
|
||||
// "label" "port"
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_35(_tokenSet_35_data_,8);
|
||||
const unsigned long PFCfgParser::_tokenSet_36_data_[] = { 2168504512UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_36_data_[] = { 557891776UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD EQUAL LESS_THAN GREATER_THAN COMMA EXLAMATION INT_CONST
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_36(_tokenSet_36_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_37_data_[] = { 2147483712UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_37_data_[] = { 536870976UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// WORD INT_CONST
|
||||
const ANTLR_USE_NAMESPACE(antlr)BitSet PFCfgParser::_tokenSet_37(_tokenSet_37_data_,6);
|
||||
const unsigned long PFCfgParser::_tokenSet_38_data_[] = { 2210448592UL, 8192UL, 3140608UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
const unsigned long PFCfgParser::_tokenSet_38_data_[] = { 599835856UL, 16384UL, 6281216UL, 0UL, 0UL, 0UL, 0UL, 0UL };
|
||||
// NEWLINE WORD EQUAL "queue" LESS_THAN GREATER_THAN COMMA CLOSING_BRACE
|
||||
// EXLAMATION COLON INT_CONST "to" "flags" "icmp-type" "icmp6-type" "tagged"
|
||||
// "tag" "no" "keep" "modulate" "synproxy" "label"
|
||||
|
||||
@ -36,79 +36,79 @@ struct CUSTOM_API PFCfgParserTokenTypes {
|
||||
COLON = 25,
|
||||
NETWORK = 26,
|
||||
BROADCAST = 27,
|
||||
SELF = 28,
|
||||
IPV4 = 29,
|
||||
SLASH = 30,
|
||||
INT_CONST = 31,
|
||||
NAT = 32,
|
||||
BINAT = 33,
|
||||
RDR = 34,
|
||||
TIMEOUT = 35,
|
||||
PASS = 36,
|
||||
BLOCK = 37,
|
||||
IN = 38,
|
||||
OUT = 39,
|
||||
LOG = 40,
|
||||
OPENING_PAREN = 41,
|
||||
CLOSING_PAREN = 42,
|
||||
ALL = 43,
|
||||
USER = 44,
|
||||
TO = 45,
|
||||
QUICK = 46,
|
||||
ON = 47,
|
||||
INET = 48,
|
||||
INET6 = 49,
|
||||
PROTO = 50,
|
||||
IP = 51,
|
||||
ICMP = 52,
|
||||
IGMP = 53,
|
||||
TCP = 54,
|
||||
UDP = 55,
|
||||
RDP = 56,
|
||||
RSVP = 57,
|
||||
GRE = 58,
|
||||
ESP = 59,
|
||||
AH = 60,
|
||||
EIGRP = 61,
|
||||
OSPF = 62,
|
||||
IPIP = 63,
|
||||
VRRP = 64,
|
||||
L2TP = 65,
|
||||
ISIS = 66,
|
||||
FROM = 67,
|
||||
URPF_FAILED = 68,
|
||||
ANY = 69,
|
||||
NO_ROUTE = 70,
|
||||
IPV6 = 71,
|
||||
ROUTE_TO = 72,
|
||||
REPLY_TO = 73,
|
||||
FLAGS = 74,
|
||||
ICMP_TYPE = 75,
|
||||
ICMP_CODE = 76,
|
||||
ICMP6_TYPE = 77,
|
||||
TAGGED = 78,
|
||||
TAG = 79,
|
||||
NO = 80,
|
||||
KEEP = 81,
|
||||
MODULATE = 82,
|
||||
SYNPROXY = 83,
|
||||
STATE = 84,
|
||||
LABEL = 85,
|
||||
PORT = 86,
|
||||
EXIT = 87,
|
||||
QUIT = 88,
|
||||
INTRFACE = 89,
|
||||
ICMP6 = 90,
|
||||
IGRP = 91,
|
||||
IPSEC = 92,
|
||||
NOS = 93,
|
||||
PCP = 94,
|
||||
PIM = 95,
|
||||
PPTP = 96,
|
||||
RIP = 97,
|
||||
SNP = 98,
|
||||
HOST = 99,
|
||||
PEER = 100,
|
||||
PEER = 28,
|
||||
INT_CONST = 29,
|
||||
SELF = 30,
|
||||
IPV4 = 31,
|
||||
SLASH = 32,
|
||||
NAT = 33,
|
||||
BINAT = 34,
|
||||
RDR = 35,
|
||||
TIMEOUT = 36,
|
||||
PASS = 37,
|
||||
BLOCK = 38,
|
||||
IN = 39,
|
||||
OUT = 40,
|
||||
LOG = 41,
|
||||
OPENING_PAREN = 42,
|
||||
CLOSING_PAREN = 43,
|
||||
ALL = 44,
|
||||
USER = 45,
|
||||
TO = 46,
|
||||
QUICK = 47,
|
||||
ON = 48,
|
||||
INET = 49,
|
||||
INET6 = 50,
|
||||
PROTO = 51,
|
||||
IP = 52,
|
||||
ICMP = 53,
|
||||
IGMP = 54,
|
||||
TCP = 55,
|
||||
UDP = 56,
|
||||
RDP = 57,
|
||||
RSVP = 58,
|
||||
GRE = 59,
|
||||
ESP = 60,
|
||||
AH = 61,
|
||||
EIGRP = 62,
|
||||
OSPF = 63,
|
||||
IPIP = 64,
|
||||
VRRP = 65,
|
||||
L2TP = 66,
|
||||
ISIS = 67,
|
||||
FROM = 68,
|
||||
URPF_FAILED = 69,
|
||||
ANY = 70,
|
||||
NO_ROUTE = 71,
|
||||
IPV6 = 72,
|
||||
ROUTE_TO = 73,
|
||||
REPLY_TO = 74,
|
||||
FLAGS = 75,
|
||||
ICMP_TYPE = 76,
|
||||
ICMP_CODE = 77,
|
||||
ICMP6_TYPE = 78,
|
||||
TAGGED = 79,
|
||||
TAG = 80,
|
||||
NO = 81,
|
||||
KEEP = 82,
|
||||
MODULATE = 83,
|
||||
SYNPROXY = 84,
|
||||
STATE = 85,
|
||||
LABEL = 86,
|
||||
PORT = 87,
|
||||
EXIT = 88,
|
||||
QUIT = 89,
|
||||
INTRFACE = 90,
|
||||
ICMP6 = 91,
|
||||
IGRP = 92,
|
||||
IPSEC = 93,
|
||||
NOS = 94,
|
||||
PCP = 95,
|
||||
PIM = 96,
|
||||
PPTP = 97,
|
||||
RIP = 98,
|
||||
SNP = 99,
|
||||
HOST = 100,
|
||||
RANGE = 101,
|
||||
LOG_LEVEL_ALERTS = 102,
|
||||
LOG_LEVEL_CRITICAL = 103,
|
||||
|
||||
@ -24,79 +24,79 @@ EXLAMATION=24
|
||||
COLON=25
|
||||
NETWORK="network"=26
|
||||
BROADCAST="broadcast"=27
|
||||
SELF="self"=28
|
||||
IPV4=29
|
||||
SLASH=30
|
||||
INT_CONST=31
|
||||
NAT="nat"=32
|
||||
BINAT="binat"=33
|
||||
RDR="rdr"=34
|
||||
TIMEOUT="timeout"=35
|
||||
PASS="pass"=36
|
||||
BLOCK="block"=37
|
||||
IN="in"=38
|
||||
OUT="out"=39
|
||||
LOG="log"=40
|
||||
OPENING_PAREN=41
|
||||
CLOSING_PAREN=42
|
||||
ALL="all"=43
|
||||
USER="user"=44
|
||||
TO="to"=45
|
||||
QUICK="quick"=46
|
||||
ON="on"=47
|
||||
INET="inet"=48
|
||||
INET6="inet6"=49
|
||||
PROTO="proto"=50
|
||||
IP="ip"=51
|
||||
ICMP="icmp"=52
|
||||
IGMP="igmp"=53
|
||||
TCP="tcp"=54
|
||||
UDP="udp"=55
|
||||
RDP="rdp"=56
|
||||
RSVP="rsvp"=57
|
||||
GRE="gre"=58
|
||||
ESP="esp"=59
|
||||
AH="ah"=60
|
||||
EIGRP="eigrp"=61
|
||||
OSPF="ospf"=62
|
||||
IPIP="ipip"=63
|
||||
VRRP="vrrp"=64
|
||||
L2TP="l2tp"=65
|
||||
ISIS="isis"=66
|
||||
FROM="from"=67
|
||||
URPF_FAILED="urpf-failed"=68
|
||||
ANY="any"=69
|
||||
NO_ROUTE="no-route"=70
|
||||
IPV6=71
|
||||
ROUTE_TO="route-to"=72
|
||||
REPLY_TO="reply-to"=73
|
||||
FLAGS="flags"=74
|
||||
ICMP_TYPE="icmp-type"=75
|
||||
ICMP_CODE="code"=76
|
||||
ICMP6_TYPE="icmp6-type"=77
|
||||
TAGGED="tagged"=78
|
||||
TAG="tag"=79
|
||||
NO="no"=80
|
||||
KEEP="keep"=81
|
||||
MODULATE="modulate"=82
|
||||
SYNPROXY="synproxy"=83
|
||||
STATE="state"=84
|
||||
LABEL="label"=85
|
||||
PORT="port"=86
|
||||
EXIT="exit"=87
|
||||
QUIT="quit"=88
|
||||
INTRFACE="interface"=89
|
||||
ICMP6="icmp6"=90
|
||||
IGRP="igrp"=91
|
||||
IPSEC="ipsec"=92
|
||||
NOS="nos"=93
|
||||
PCP="pcp"=94
|
||||
PIM="pim"=95
|
||||
PPTP="pptp"=96
|
||||
RIP="rip"=97
|
||||
SNP="snp"=98
|
||||
HOST="host"=99
|
||||
PEER="peer"=100
|
||||
PEER="peer"=28
|
||||
INT_CONST=29
|
||||
SELF="self"=30
|
||||
IPV4=31
|
||||
SLASH=32
|
||||
NAT="nat"=33
|
||||
BINAT="binat"=34
|
||||
RDR="rdr"=35
|
||||
TIMEOUT="timeout"=36
|
||||
PASS="pass"=37
|
||||
BLOCK="block"=38
|
||||
IN="in"=39
|
||||
OUT="out"=40
|
||||
LOG="log"=41
|
||||
OPENING_PAREN=42
|
||||
CLOSING_PAREN=43
|
||||
ALL="all"=44
|
||||
USER="user"=45
|
||||
TO="to"=46
|
||||
QUICK="quick"=47
|
||||
ON="on"=48
|
||||
INET="inet"=49
|
||||
INET6="inet6"=50
|
||||
PROTO="proto"=51
|
||||
IP="ip"=52
|
||||
ICMP="icmp"=53
|
||||
IGMP="igmp"=54
|
||||
TCP="tcp"=55
|
||||
UDP="udp"=56
|
||||
RDP="rdp"=57
|
||||
RSVP="rsvp"=58
|
||||
GRE="gre"=59
|
||||
ESP="esp"=60
|
||||
AH="ah"=61
|
||||
EIGRP="eigrp"=62
|
||||
OSPF="ospf"=63
|
||||
IPIP="ipip"=64
|
||||
VRRP="vrrp"=65
|
||||
L2TP="l2tp"=66
|
||||
ISIS="isis"=67
|
||||
FROM="from"=68
|
||||
URPF_FAILED="urpf-failed"=69
|
||||
ANY="any"=70
|
||||
NO_ROUTE="no-route"=71
|
||||
IPV6=72
|
||||
ROUTE_TO="route-to"=73
|
||||
REPLY_TO="reply-to"=74
|
||||
FLAGS="flags"=75
|
||||
ICMP_TYPE="icmp-type"=76
|
||||
ICMP_CODE="code"=77
|
||||
ICMP6_TYPE="icmp6-type"=78
|
||||
TAGGED="tagged"=79
|
||||
TAG="tag"=80
|
||||
NO="no"=81
|
||||
KEEP="keep"=82
|
||||
MODULATE="modulate"=83
|
||||
SYNPROXY="synproxy"=84
|
||||
STATE="state"=85
|
||||
LABEL="label"=86
|
||||
PORT="port"=87
|
||||
EXIT="exit"=88
|
||||
QUIT="quit"=89
|
||||
INTRFACE="interface"=90
|
||||
ICMP6="icmp6"=91
|
||||
IGRP="igrp"=92
|
||||
IPSEC="ipsec"=93
|
||||
NOS="nos"=94
|
||||
PCP="pcp"=95
|
||||
PIM="pim"=96
|
||||
PPTP="pptp"=97
|
||||
RIP="rip"=98
|
||||
SNP="snp"=99
|
||||
HOST="host"=100
|
||||
RANGE="range"=101
|
||||
LOG_LEVEL_ALERTS="alerts"=102
|
||||
LOG_LEVEL_CRITICAL="critical"=103
|
||||
|
||||
@ -173,8 +173,8 @@ altq_command : ALTQ
|
||||
{
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
importer->addMessageToLog(
|
||||
QString("Error: import of 'altq' commands is not supported."));
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'altq' commands is not supported."));
|
||||
consumeUntil(NEWLINE);
|
||||
}
|
||||
;
|
||||
@ -184,8 +184,8 @@ queue_command : QUEUE
|
||||
{
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
importer->addMessageToLog(
|
||||
QString("Error: import of 'queue' commands is not supported."));
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'queue' commands is not supported."));
|
||||
consumeUntil(NEWLINE);
|
||||
}
|
||||
;
|
||||
@ -266,6 +266,18 @@ tableaddr_spec { AddressSpec as; } :
|
||||
{
|
||||
as.at = AddressSpec::INTERFACE_BROADCAST;
|
||||
}
|
||||
|
|
||||
PEER
|
||||
{
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:peer' is not supported."));
|
||||
}
|
||||
|
|
||||
INT_CONST
|
||||
{
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:0' is not supported."));
|
||||
}
|
||||
)
|
||||
)?
|
||||
|
|
||||
@ -312,8 +324,8 @@ binat_command : BINAT
|
||||
{
|
||||
importer->clear();
|
||||
importer->setCurrentLineNumber(LT(0)->getLine());
|
||||
importer->addMessageToLog(
|
||||
QString("Error: import of 'binat' commands is not supported."));
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'binat' commands is not supported."));
|
||||
consumeUntil(NEWLINE);
|
||||
}
|
||||
;
|
||||
@ -580,6 +592,18 @@ host { AddressSpec as; } :
|
||||
{
|
||||
as.at = AddressSpec::INTERFACE_BROADCAST;
|
||||
}
|
||||
|
|
||||
PEER
|
||||
{
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:peer' is not supported."));
|
||||
}
|
||||
|
|
||||
INT_CONST
|
||||
{
|
||||
importer->error_tracker->registerError(
|
||||
QString("import of 'interface:0' is not supported."));
|
||||
}
|
||||
)
|
||||
)?
|
||||
|
|
||||
@ -591,8 +615,7 @@ host { AddressSpec as; } :
|
||||
|
|
||||
IPV6
|
||||
{
|
||||
importer->addMessageToLog(
|
||||
QString("Error: IPv6 import is not supported. "));
|
||||
importer->addMessageToLog(QString("IPv6 import is not supported. "));
|
||||
consumeUntil(NEWLINE);
|
||||
}
|
||||
|
|
||||
@ -659,8 +682,7 @@ routehost { RouteSpec rs; } :
|
||||
{
|
||||
if (v6)
|
||||
{
|
||||
importer->addMessageToLog(
|
||||
QString("Error: IPv6 import is not supported. "));
|
||||
importer->addMessageToLog(QString("IPv6 import is not supported. "));
|
||||
consumeUntil(NEWLINE);
|
||||
} else
|
||||
{
|
||||
@ -714,8 +736,8 @@ tcp_flags :
|
||||
(
|
||||
ANY
|
||||
{
|
||||
importer->flags_check = "any";
|
||||
importer->flags_mask = "all";
|
||||
importer->flags_check = "none";
|
||||
importer->flags_mask = "none";
|
||||
}
|
||||
|
|
||||
( check:WORD )? SLASH ( mask:WORD )?
|
||||
@ -752,7 +774,7 @@ icmp_type_code { IcmpSpec is; } :
|
||||
(
|
||||
WORD { is.icmp_code_name = LT(0)->getText(); }
|
||||
|
|
||||
INT_CONST { is.icmp_code_int = LT(0)->getText(); }
|
||||
INT_CONST { is.icmp_code_int = LT(0)->getText(); }
|
||||
)
|
||||
)?
|
||||
{
|
||||
@ -774,8 +796,7 @@ icmp_list :
|
||||
icmp6_type :
|
||||
ICMP6_TYPE
|
||||
{
|
||||
importer->addMessageToLog(
|
||||
QString("Error: ICMP6 import is not supported. "));
|
||||
importer->addMessageToLog(QString("ICMP6 import is not supported. "));
|
||||
consumeUntil(NEWLINE);
|
||||
}
|
||||
;
|
||||
@ -1048,6 +1069,7 @@ tokens
|
||||
ICMP_TYPE = "icmp-type";
|
||||
ICMP6_TYPE = "icmp6-type";
|
||||
ICMP_CODE = "code";
|
||||
|
||||
}
|
||||
|
||||
LINE_COMMENT : "#" (~('\r' | '\n'))* NEWLINE ;
|
||||
|
||||
16
src/unit_tests/PFImporterTest/test_data/pf-icmp-matches.conf
Normal file
16
src/unit_tests/PFImporterTest/test_data/pf-icmp-matches.conf
Normal file
@ -0,0 +1,16 @@
|
||||
|
||||
icmp_services="echorep unreach squench redir althost echoreq routeradv routersol timex paramprob timereq timerep inforeq inforep maskreq maskrep trace dataconv mobredir ipv6-where ipv6-here mobregreq mobregrep skip photuris"
|
||||
|
||||
# icmp matches
|
||||
pass quick on pcn0 inet proto icmp all icmp-type 8
|
||||
pass quick on pcn0 inet proto icmp all icmp-type 8 code 0
|
||||
pass quick on pcn0 inet proto icmp all icmp-type echoreq
|
||||
pass quick on pcn0 inet proto icmp all icmp-type echoreq code 0
|
||||
pass quick on pcn0 inet proto icmp all icmp-type unreach code net-unr
|
||||
pass quick on pcn0 inet proto icmp all icmp-type unreach code 1
|
||||
pass quick on pcn0 inet proto icmp all icmp-type unreach code host-unr
|
||||
pass quick on pcn0 inet proto icmp all icmp-type unreach code proto-unr
|
||||
pass quick on pcn0 inet proto icmp all icmp-type unreach code port-unr
|
||||
pass quick on pcn0 inet proto icmp all icmp-type { $icmp_services }
|
||||
|
||||
|
||||
@ -0,0 +1,8 @@
|
||||
|
||||
|
||||
# interface:network interface:broacast interface:peer and interface:0
|
||||
pass in quick from pcn0:network to self
|
||||
pass in quick from pcn0:broadcast to self
|
||||
pass in quick from pcn0:peer to self
|
||||
pass in quick from pcn0:0 to self
|
||||
|
||||
16
src/unit_tests/PFImporterTest/test_data/pf-port-matches.conf
Normal file
16
src/unit_tests/PFImporterTest/test_data/pf-port-matches.conf
Normal file
@ -0,0 +1,16 @@
|
||||
|
||||
|
||||
# port matches
|
||||
pass in quick proto tcp from any to self port = 22
|
||||
pass in quick proto tcp from any to self port 22
|
||||
pass in quick proto tcp from any to self port != 22
|
||||
pass in quick proto tcp from any to self port < 1024
|
||||
pass in quick proto tcp from any to self port <= 1024
|
||||
pass in quick proto tcp from any to self port > 1024
|
||||
pass in quick proto tcp from any to self port >= 1024
|
||||
|
||||
# port ranges
|
||||
pass in quick proto tcp from any to self port 1000:1010
|
||||
pass in quick proto tcp from any to self port 1000><1010
|
||||
pass in quick proto tcp from any to self port 1000<>1010
|
||||
|
||||
11
src/unit_tests/PFImporterTest/test_data/pf-set-commands.conf
Normal file
11
src/unit_tests/PFImporterTest/test_data/pf-set-commands.conf
Normal file
@ -0,0 +1,11 @@
|
||||
|
||||
set debug crit
|
||||
set state-policy if-bound
|
||||
set block-policy return
|
||||
set limit { frags 5000, states 10000 }
|
||||
set optimization aggressive
|
||||
set timeout interval 10
|
||||
set timeout frag 30
|
||||
set timeout adaptive.start 10
|
||||
set timeout adaptive.end 100
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user