onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-25 12:47:44 +01:00
Code Issues Releases Wiki Activity

* IPTImporter.cpp (pushNATRule): see #2196 "iptables nat rules

Browse Source 
with target REDIRECT not imported". Iptables NAT rules with target
REDIRECT where not imported correctly.

* IPTImporter.cpp (pushNATRule): see #2190 "support for import of
branches in NAT rules for iptables". Implemented import of NAT
rules in user-defined chains for iptables, these translate into
branching NAT rules in fwbuilder.
This commit is contained in:
Vadim Kurland 2011-03-07 18:21:04 -08:00
parent df3f79eb8c
commit a268a91f7b
15 changed files with 689 additions and 543 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/ChangeLog
View File

@ -1,3 +1,14 @@
2011-03-07 vadim <vadim@netcitadel.com>
* IPTImporter.cpp (pushNATRule): see #2196 "iptables nat rules
with target REDIRECT not imported". Iptables NAT rules with target
REDIRECT where not imported correctly.
* IPTImporter.cpp (pushNATRule): see #2190 "support for import of
branches in NAT rules for iptables". Implemented import of NAT
rules in user-defined chains for iptables, these translate into
branching NAT rules in fwbuilder.
2011-03-06 vadim <vadim@netcitadel.com>
* Importer.cpp (ignoreCurrentInterface): see #2152 "ASA Import -

2
src/libgui/IOSImporter.h
View File

@ -37,6 +37,8 @@
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/Logger.h"
#include "fwbuilder/Policy.h"
class IOSImporter : public Importer
{

209
src/libgui/IPTImporter.cpp
View File

@ -551,8 +551,8 @@ void IPTImporter::processModuleMatches()
string branch_chain = str.str();
branch_depth++;
PolicyRule *new_rule = createBranch(rule, branch_chain,
true, true);
PolicyRule *new_rule = createPolicyBranch(rule, branch_chain,
true, true);
addAllModuleMatches(new_rule);
}
@ -644,14 +644,13 @@ void IPTImporter::addRecentMatch(PolicyRule *rule)
* and other attributes. The original rule's action changes however
* and becomes "Branch".
*/
PolicyRule* IPTImporter::createBranch(PolicyRule *rule,
const std::string &branch_ruleset_name,
bool clear_rule_elements,
bool make_stateless)
PolicyRule* IPTImporter::createPolicyBranch(
PolicyRule *rule, const std::string &branch_ruleset_name,
bool clear_rule_elements, bool make_stateless)
{
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
rs = getUnidirRuleSet(branch_ruleset_name);
rs = getUnidirRuleSet(branch_ruleset_name, Policy::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
rs->ruleset->setName(branch_ruleset_name);
@ -694,6 +693,54 @@ PolicyRule* IPTImporter::createBranch(PolicyRule *rule,
return new_rule;
}
NATRule* IPTImporter::createNATBranch(
NATRule *rule, const std::string &branch_ruleset_name,
bool clear_rule_elements)
{
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
rs = getUnidirRuleSet(branch_ruleset_name, NAT::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
rs->ruleset->setName(branch_ruleset_name);
FWObjectDatabase *dbroot = getFirewallObject()->getRoot();
NATRule *new_rule = NATRule::cast(dbroot->create(NATRule::TYPENAME));
rs->ruleset->add(new_rule);
new_rule->duplicate(rule);
rule->setRuleType(NATRule::NATBranch);
rule->setBranch(rs->ruleset);
if (rule->getParent() != NULL)
{
ostringstream str1;
str1 << "Called from ruleset " << rule->getParent()->getName()
<< ", rule " << rule->getPosition();
new_rule->setComment(str1.str());
}
if (clear_rule_elements)
{
RuleElement* re;
re = new_rule->getOSrc(); re->reset();
re = new_rule->getODst(); re->reset();
re = new_rule->getOSrv(); re->reset();
re = new_rule->getTSrc(); re->reset();
re = new_rule->getTDst(); re->reset();
re = new_rule->getTSrv(); re->reset();
re = new_rule->getItfInb(); re->reset();
re = new_rule->getItfOutb(); re->reset();
}
QString l("Created branch %1\n");
*Importer::logger << l.arg(branch_ruleset_name.c_str()).toUtf8().constData();
return new_rule;
}
void IPTImporter::pushRule()
{
@ -893,7 +940,7 @@ void IPTImporter::pushPolicyRule()
action = PolicyRule::Branch;
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
rs = getUnidirRuleSet(branch_ruleset_name);
rs = getUnidirRuleSet(branch_ruleset_name, Policy::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
@ -949,10 +996,10 @@ void IPTImporter::pushPolicyRule()
aux_branch_number++;
string branch_ruleset_name = str.str();
// two boolean args of createBranch() clear all rule elements
// two boolean args of createPolicyBranch() clear all rule elements
// of the rule in the branch rule set and make it stateless
PolicyRule *new_rule = createBranch(rule, branch_ruleset_name,
true, true);
PolicyRule *new_rule = createPolicyBranch(rule, branch_ruleset_name,
true, true);
new_rule->setDirection(PolicyRule::Both);
RuleElement* re = new_rule->getSrv();
@ -1049,7 +1096,7 @@ void IPTImporter::pushPolicyRule()
ruleset->add(current_rule);
} else
{
UnidirectionalRuleSet *rs = getUnidirRuleSet(current_chain);
UnidirectionalRuleSet *rs = getUnidirRuleSet(current_chain, Policy::TYPENAME);
assert(rs!=NULL);
rs->ruleset->add(current_rule);
ruleset = rs->ruleset;
@ -1076,9 +1123,9 @@ void IPTImporter::pushPolicyRule()
// note that this new rule only matches interface and
// direction, everything else has been matched by the main
// rule. There is no need for the rule in the branch to be stateful
// (that is what the last bool argument for createBranch() is for)
PolicyRule *new_rule = createBranch(rule, branch_ruleset_name,
true, true);
// (that is what the last bool argument for createPolicyBranch() is for)
PolicyRule *new_rule = createPolicyBranch(rule, branch_ruleset_name,
true, true);
// Important: at this point we have assembled the
// current_rule completely. This means all rule elements,
@ -1113,9 +1160,6 @@ void IPTImporter::pushPolicyRule()
.arg(getCurrentLineNumber())
.arg(branch_ruleset_name.c_str()).arg(interfaces)
.toUtf8().constData();
// markCurrentRuleBad(
// std::string("Can not set inbound and outbound interface simultaneously. Was: -i ") + i_intf + " -o " + o_intf);
} else
{
if ( !i_intf.empty())
@ -1143,13 +1187,6 @@ void IPTImporter::pushPolicyRule()
}
// *Importer::logger << "Rule: " << rule->getActionAsString() << " "
// << "protocol=" << protocol << " "
// << "src=" << src_a << "/" << src_nm << " ";
// if (dst_a!="")
// *Importer::logger << "dst=" << dst_a << "/" << dst_nm << " ";
// *Importer::logger << "\n";
current_rule = NULL;
rule_comment = "";
@ -1176,13 +1213,17 @@ void IPTImporter::pushNATRule()
if (dst_nm.empty()) dst_nm = InetAddr::getAllOnes().toString();
if (nat_nm.empty()) nat_nm = InetAddr::getAllOnes().toString();
NATRule::NATRuleTypes rule_type = NATRule::Unknown;
if (target=="ACCEPT")
{
rule->setRuleType(NATRule::NONAT);
rule_type = NATRule::NONAT;
}
if (target=="MASQUERADE")
{
rule->setRuleType(NATRule::Masq);
rule_type = NATRule::Masq;
RuleElementTSrc *re = rule->getTSrc();
assert(re!=NULL);
if ( !o_intf.empty() )
@ -1195,9 +1236,11 @@ void IPTImporter::pushNATRule()
re->addRef(getFirewallObject());
}
}
if (target=="SNAT")
{
rule->setRuleType(NATRule::SNAT);
rule_type = NATRule::SNAT;
FWObject *tsrc = NULL;
if (nat_addr1!=nat_addr2)
tsrc = createAddressRange(nat_addr1, nat_addr2);
@ -1232,7 +1275,8 @@ void IPTImporter::pushNATRule()
if (target=="DNAT")
{
rule->setRuleType(NATRule::DNAT);
rule_type = NATRule::DNAT;
FWObject *tdst = NULL;
if (nat_addr1!=nat_addr2)
tdst = createAddressRange(nat_addr1, nat_addr2);
@ -1263,12 +1307,43 @@ void IPTImporter::pushNATRule()
itf_i_re->addRef(intf);
}
}
if (target=="REDIRECT")
{
rule_type = NATRule::Redirect;
RuleElementTDst *re = rule->getTDst();
assert(re!=NULL);
re->addRef(getFirewallObject());
if (!nat_port_range_start.empty())
{
str_tuple empty_range("0", "0");
str_tuple nat_port_range(nat_port_range_start, nat_port_range_end);
FWObject *s = createTCPUDPService(empty_range, nat_port_range,
protocol);
RuleElementTSrv *re = rule->getTSrv();
assert(re!=NULL);
re->addRef(s);
}
if ( ! o_intf.empty())
{
RuleElement *itf_o_re = rule->getItfOutb();
assert(itf_o_re!=NULL);
newInterface(o_intf);
Interface *intf = all_interfaces[o_intf];
itf_o_re->addRef(intf);
}
}
if (target=="NETMAP")
{
FWObject *o = NULL;
if (!src_a.empty())
{
rule->setRuleType(NATRule::SNetnat);
rule_type = NATRule::SNetnat;
o = createAddress(src_a, src_nm);
RuleElementOSrc *osrc = rule->getOSrc();
osrc->addRef(o);
@ -1277,9 +1352,11 @@ void IPTImporter::pushNATRule()
o = createAddress(nat_addr1, nat_nm);
tsrc->addRef(o);
}
if (!dst_a.empty())
{
rule->setRuleType(NATRule::DNetnat);
rule_type = NATRule::DNetnat;
o = createAddress(dst_a, dst_nm);
RuleElementOSrc *odst = rule->getOSrc();
odst->addRef(o);
@ -1290,12 +1367,58 @@ void IPTImporter::pushNATRule()
}
}
if (rule_type==NATRule::Unknown)
{
if (fwbdebug)
qDebug("Unknown target %s, creating branch", target.c_str());
// unknown target, consider it a branch
//
std::string branch_ruleset_name = target;
rule_type = NATRule::NATBranch;
rule->setAction(NATRule::Branch);
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
{
rs = getUnidirRuleSet(branch_ruleset_name, NAT::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
}
rs->ruleset->setName(target);
rule->setBranch(rs->ruleset);
}
rule->setRuleType(rule_type);
// add rule to the right ruleset
RuleSet *ruleset = NULL;
std::string ruleset_name = "";
if (isStandardChain(current_chain))
{
ruleset = RuleSet::cast(
getFirewallObject()->getFirstByType(NAT::TYPENAME));
assert(ruleset!=NULL);
ruleset->add(current_rule);
} else
{
UnidirectionalRuleSet *rs = getUnidirRuleSet(current_chain, NAT::TYPENAME);
assert(rs!=NULL);
rs->ruleset->add(current_rule);
ruleset = rs->ruleset;
}
// renumber to clean-up rule positions
ruleset->renumberRules();
current_rule->setComment(rule_comment);
RuleSet *nat = RuleSet::cast(
getFirewallObject()->getFirstByType(NAT::TYPENAME));
assert( nat!=NULL );
nat->add(current_rule);
// RuleSet *nat = RuleSet::cast(
// getFirewallObject()->getFirstByType(NAT::TYPENAME));
// assert( nat!=NULL );
// nat->add(current_rule);
current_rule = NULL;
rule_comment = "";
@ -1449,7 +1572,7 @@ UnidirectionalRuleSet* IPTImporter::checkUnidirRuleSet(
}
UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
const std::string &ruleset_name)
const std::string &ruleset_name, const string &ruleset_type_name)
{
string all_rulesets_index = current_table + "/" + ruleset_name;
UnidirectionalRuleSet *rs = all_rulesets[all_rulesets_index];
@ -1460,7 +1583,7 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
if (isStandardChain(ruleset_name))
{
if (current_table == "nat")
if (ruleset_type_name == NAT::TYPENAME)
ruleset = RuleSet::cast(
getFirewallObject()->getFirstByType(NAT::TYPENAME));
else
@ -1521,12 +1644,7 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
} else
{
if (current_table == "nat")
ruleset = RuleSet::cast(dbroot->create(NAT::TYPENAME));
else
ruleset = RuleSet::cast(dbroot->create(Policy::TYPENAME));
ruleset = RuleSet::cast(dbroot->create(ruleset_type_name));
ruleset->setName(ruleset_name);
getFirewallObject()->add(ruleset);
}
@ -1540,9 +1658,10 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
return rs;
}
void IPTImporter::newUnidirRuleSet(const std::string &chain_name)
void IPTImporter::newUnidirRuleSet(const string &chain_name,
const string &ruleset_type)
{
current_ruleset = getUnidirRuleSet(chain_name); // creates if new
current_ruleset = getUnidirRuleSet(chain_name, ruleset_type); // creates if new
QString l("Ruleset: %1 / %2\n");
*Importer::logger << l.arg(current_table.c_str()).arg(current_ruleset->name.c_str())
.toStdString();

14
src/libgui/IPTImporter.h
View File

@ -37,6 +37,8 @@
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/Logger.h"
#include "fwbuilder/Policy.h"
#include "fwbuilder/NAT.h"
typedef std::pair<std::string,std::string> str_tuple;
@ -75,10 +77,14 @@ class IPTImporter : public Importer
void addRecentMatch(libfwbuilder::PolicyRule *rule);
void addPktTypeMatch(libfwbuilder::PolicyRule *rule);
libfwbuilder::PolicyRule* createBranch(
libfwbuilder::PolicyRule* createPolicyBranch(
libfwbuilder::PolicyRule *rule, const std::string &branch_name,
bool clear_rule_elements, bool make_stateless);
libfwbuilder::NATRule* createNATBranch(
libfwbuilder::NATRule *rule, const std::string &branch_name,
bool clear_rule_elements);
public:
int service_group_name_seed;
@ -161,12 +167,12 @@ class IPTImporter : public Importer
virtual void pushRule();
virtual UnidirectionalRuleSet* getUnidirRuleSet(
const std::string &rsname);
const std::string &rsname, const std::string &ruleset_type_name);
virtual UnidirectionalRuleSet* checkUnidirRuleSet(
const std::string &rsname);
virtual void newUnidirRuleSet(const std::string &name);
virtual void newUnidirRuleSet(const std::string &name, const std::string &ruleset_type);
// this method actually adds interfaces to the firewall object
// and does final clean up.

20
src/libgui/Importer.cpp
View File

@ -403,25 +403,19 @@ UnidirectionalRuleSet* Importer::checkUnidirRuleSet(
return all_rulesets[ruleset_name];
}
UnidirectionalRuleSet* Importer::getUnidirRuleSet(const std::string &ruleset_name)
UnidirectionalRuleSet* Importer::getUnidirRuleSet(
const std::string &ruleset_name, const string &ruleset_type_name)
{
UnidirectionalRuleSet *rs = all_rulesets[ruleset_name];
if (rs==NULL)
{
// got 'ip access-group' command before the access list was defined
rs = new UnidirectionalRuleSet();
rs->name = ruleset_name;
FWObjectDatabase *dbroot = getFirewallObject()->getRoot();
if (ruleset_name == "nat")
rs->ruleset = RuleSet::cast(dbroot->create(NAT::TYPENAME));
else
rs->ruleset = RuleSet::cast(dbroot->create(Policy::TYPENAME));
rs->ruleset = RuleSet::cast(dbroot->create(ruleset_type_name));
rs->ruleset->setName(ruleset_name);
all_rulesets[ruleset_name] = rs;
// add this ruleset to the firewall temporarily
// because ruleset must belong to the tree somewhere in
// order for other objects to be added properly.
@ -443,7 +437,8 @@ void Importer::setInterfaceAndDirectionForRuleSet(const std::string &ruleset_nam
const std::string &_intf_name,
const std::string &_dir)
{
UnidirectionalRuleSet *rs = getUnidirRuleSet(ruleset_name);
UnidirectionalRuleSet *rs = getUnidirRuleSet(ruleset_name, Policy::TYPENAME);
std::string intf;
if ( !_intf_name.empty()) intf = _intf_name;
else intf = current_interface->getName();
@ -466,9 +461,10 @@ void Importer::setInterfaceAndDirectionForRuleSet(const std::string &ruleset_nam
*logger << str.str();
}
void Importer::newUnidirRuleSet(const std::string &ruleset_name)
void Importer::newUnidirRuleSet(const string &ruleset_name,
const string &ruleset_type)
{
current_ruleset = getUnidirRuleSet(ruleset_name); // creates if new
current_ruleset = getUnidirRuleSet(ruleset_name, ruleset_type); // creates if new
*logger << "Ruleset: " + ruleset_name + "\n";
}

6
src/libgui/Importer.h
View File

@ -156,7 +156,8 @@ protected:
// finds and rturns pointer to ruleset "rsname". If it does not
// exists, it is created
virtual UnidirectionalRuleSet* getUnidirRuleSet(const std::string &rsname);
virtual UnidirectionalRuleSet* getUnidirRuleSet(
const std::string &ruleset_name, const std::string &ruleset_type_name);
virtual libfwbuilder::FWObject* getCustomService(const std::string &platform,
const std::string &code,
@ -300,7 +301,8 @@ public:
* has interface association and direction that apply to all rules
* in the set.
*/
virtual void newUnidirRuleSet(const std::string &name);
virtual void newUnidirRuleSet(const std::string &name,
const std::string &ruleset_type);
/**
* Sets default action for the current rule set.

10
src/parsers/IOSCfgLexer.cpp
View File

@ -432,7 +432,7 @@ void IOSCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 702 "iosacl.g"
#line 703 "iosacl.g"
newline();
#line 438 "IOSCfgLexer.cpp"
}
@ -513,7 +513,7 @@ void IOSCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 697 "iosacl.g"
#line 698 "iosacl.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 519 "IOSCfgLexer.cpp"
}
@ -749,7 +749,7 @@ void IOSCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 722 "iosacl.g"
#line 723 "iosacl.g"
_ttype = IPV4;
#line 755 "IOSCfgLexer.cpp"
}
@ -852,7 +852,7 @@ void IOSCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 728 "iosacl.g"
#line 729 "iosacl.g"
_ttype = HEX_CONST;
#line 858 "IOSCfgLexer.cpp"
}
@ -873,7 +873,7 @@ void IOSCfgLexer::mNUMBER(bool _createToken) {
_loop124:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 726 "iosacl.g"
#line 727 "iosacl.g"
_ttype = INT_CONST;
#line 879 "IOSCfgLexer.cpp"
}

207
src/parsers/IOSCfgParser.cpp
View File

@ -283,7 +283,7 @@ void IOSCfgParser::intrface() {
in = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 484 "iosacl.g"
#line 485 "iosacl.g"
importer->newInterface( in->getText() );
*dbg << in->getLine() << ":"
@ -308,7 +308,7 @@ void IOSCfgParser::controller() {
try { // for error handling
match(CONTROLLER);
if ( inputState->guessing==0 ) {
#line 475 "iosacl.g"
#line 476 "iosacl.g"
importer->clearCurrentInterface();
consumeUntil(NEWLINE);
@ -349,7 +349,7 @@ void IOSCfgParser::vlan() {
}
}
if ( inputState->guessing==0 ) {
#line 466 "iosacl.g"
#line 467 "iosacl.g"
importer->clearCurrentInterface();
consumeUntil(NEWLINE);
@ -377,11 +377,12 @@ void IOSCfgParser::access_list_commands() {
if ( inputState->guessing==0 ) {
#line 176 "iosacl.g"
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME);
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
#line 385 "IOSCfgParser.cpp"
#line 386 "IOSCfgParser.cpp"
}
{
if ((LA(1) == PERMIT) && (LA(2) == IPV4 || LA(2) == ANY)) {
@ -435,7 +436,7 @@ void IOSCfgParser::description() {
try { // for error handling
match(DESCRIPTION);
if ( inputState->guessing==0 ) {
#line 495 "iosacl.g"
#line 496 "iosacl.g"
*dbg << LT(1)->getLine() << ":";
std::string descr;
@ -448,7 +449,7 @@ void IOSCfgParser::description() {
*dbg << " DESCRIPTION " << descr << std::endl;
//consumeUntil(NEWLINE);
#line 452 "IOSCfgParser.cpp"
#line 453 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -466,12 +467,12 @@ void IOSCfgParser::shutdown() {
try { // for error handling
match(SHUTDOWN);
if ( inputState->guessing==0 ) {
#line 528 "iosacl.g"
#line 529 "iosacl.g"
*dbg<< LT(1)->getLine() << ":"
<< " INTERFACE SHUTDOWN " << std::endl;
#line 475 "IOSCfgParser.cpp"
#line 476 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -495,7 +496,7 @@ void IOSCfgParser::certificate() {
consumeUntil(NEWLINE);
consumeUntil(QUIT);
#line 499 "IOSCfgParser.cpp"
#line 500 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -517,7 +518,7 @@ void IOSCfgParser::quit() {
consumeUntil(NEWLINE);
#line 521 "IOSCfgParser.cpp"
#line 522 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -539,7 +540,7 @@ void IOSCfgParser::unknown_command() {
consumeUntil(NEWLINE);
#line 543 "IOSCfgParser.cpp"
#line 544 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -561,13 +562,13 @@ void IOSCfgParser::ip_access_list_ext() {
name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 197 "iosacl.g"
#line 198 "iosacl.g"
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
#line 571 "IOSCfgParser.cpp"
#line 572 "IOSCfgParser.cpp"
}
match(NEWLINE);
{ // ( ... )+
@ -605,12 +606,12 @@ void IOSCfgParser::ip_access_list_ext() {
_loop17:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 214 "iosacl.g"
#line 215 "iosacl.g"
*dbg << LT(0)->getLine() << ":"
<< " ACL end" << std::endl << std::endl;
#line 614 "IOSCfgParser.cpp"
#line 615 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -662,7 +663,7 @@ void IOSCfgParser::community_list_command() {
consumeUntil(NEWLINE);
#line 666 "IOSCfgParser.cpp"
#line 667 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -680,23 +681,23 @@ void IOSCfgParser::permit_std() {
try { // for error handling
match(PERMIT);
if ( inputState->guessing==0 ) {
#line 249 "iosacl.g"
#line 250 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "permit";
*dbg << LT(1)->getLine() << ":" << " permit ";
#line 691 "IOSCfgParser.cpp"
#line 692 "IOSCfgParser.cpp"
}
rule_std();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 256 "iosacl.g"
#line 257 "iosacl.g"
importer->pushRule();
#line 700 "IOSCfgParser.cpp"
#line 701 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -714,23 +715,23 @@ void IOSCfgParser::deny_std() {
try { // for error handling
match(DENY);
if ( inputState->guessing==0 ) {
#line 262 "iosacl.g"
#line 263 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "deny";
*dbg << LT(1)->getLine() << ":" << " deny ";
#line 725 "IOSCfgParser.cpp"
#line 726 "IOSCfgParser.cpp"
}
rule_std();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 269 "iosacl.g"
#line 270 "iosacl.g"
importer->pushRule();
#line 734 "IOSCfgParser.cpp"
#line 735 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -748,23 +749,23 @@ void IOSCfgParser::permit_ext() {
try { // for error handling
match(PERMIT);
if ( inputState->guessing==0 ) {
#line 222 "iosacl.g"
#line 223 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "permit";
*dbg << LT(1)->getLine() << ":" << " permit ";
#line 759 "IOSCfgParser.cpp"
#line 760 "IOSCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 229 "iosacl.g"
#line 230 "iosacl.g"
importer->pushRule();
#line 768 "IOSCfgParser.cpp"
#line 769 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -782,23 +783,23 @@ void IOSCfgParser::deny_ext() {
try { // for error handling
match(DENY);
if ( inputState->guessing==0 ) {
#line 235 "iosacl.g"
#line 236 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "deny";
*dbg << LT(1)->getLine() << ":" << " deny ";
#line 793 "IOSCfgParser.cpp"
#line 794 "IOSCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 242 "iosacl.g"
#line 243 "iosacl.g"
importer->pushRule();
#line 802 "IOSCfgParser.cpp"
#line 803 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -816,7 +817,7 @@ void IOSCfgParser::remark() {
try { // for error handling
match(REMARK);
if ( inputState->guessing==0 ) {
#line 513 "iosacl.g"
#line 514 "iosacl.g"
*dbg << LT(1)->getLine() << ":";
std::string rem;
@ -829,7 +830,7 @@ void IOSCfgParser::remark() {
*dbg << " REMARK " << rem << std::endl;
//consumeUntil(NEWLINE);
#line 833 "IOSCfgParser.cpp"
#line 834 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -853,15 +854,15 @@ void IOSCfgParser::rule_ext() {
ip_protocols();
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 279 "iosacl.g"
#line 280 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 859 "IOSCfgParser.cpp"
#line 860 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 280 "iosacl.g"
#line 281 "iosacl.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 865 "IOSCfgParser.cpp"
#line 866 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -926,24 +927,24 @@ void IOSCfgParser::rule_ext() {
{
match(ICMP);
if ( inputState->guessing==0 ) {
#line 286 "iosacl.g"
#line 287 "iosacl.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 935 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 290 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 941 "IOSCfgParser.cpp"
#line 936 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 291 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 942 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 292 "iosacl.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 947 "IOSCfgParser.cpp"
#line 948 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1048,18 +1049,18 @@ void IOSCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 298 "iosacl.g"
#line 299 "iosacl.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1057 "IOSCfgParser.cpp"
#line 1058 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 302 "iosacl.g"
#line 303 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1063 "IOSCfgParser.cpp"
#line 1064 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1071,9 +1072,9 @@ void IOSCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 303 "iosacl.g"
#line 304 "iosacl.g"
importer->SaveTmpPortToSrc();
#line 1077 "IOSCfgParser.cpp"
#line 1078 "IOSCfgParser.cpp"
}
break;
}
@ -1091,9 +1092,9 @@ void IOSCfgParser::rule_ext() {
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 304 "iosacl.g"
#line 305 "iosacl.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 1097 "IOSCfgParser.cpp"
#line 1098 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1105,9 +1106,9 @@ void IOSCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 305 "iosacl.g"
#line 306 "iosacl.g"
importer->SaveTmpPortToDst();
#line 1111 "IOSCfgParser.cpp"
#line 1112 "IOSCfgParser.cpp"
}
break;
}
@ -1213,11 +1214,11 @@ void IOSCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 311 "iosacl.g"
#line 312 "iosacl.g"
*dbg << std::endl;
#line 1221 "IOSCfgParser.cpp"
#line 1222 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1236,9 +1237,9 @@ void IOSCfgParser::rule_std() {
{
hostaddr_std();
if ( inputState->guessing==0 ) {
#line 319 "iosacl.g"
#line 320 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(std) ";
#line 1242 "IOSCfgParser.cpp"
#line 1243 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1260,11 +1261,11 @@ void IOSCfgParser::rule_std() {
}
}
if ( inputState->guessing==0 ) {
#line 322 "iosacl.g"
#line 323 "iosacl.g"
*dbg << std::endl;
#line 1268 "IOSCfgParser.cpp"
#line 1269 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1299,12 +1300,12 @@ void IOSCfgParser::ip_protocols() {
}
}
if ( inputState->guessing==0 ) {
#line 330 "iosacl.g"
#line 331 "iosacl.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1308 "IOSCfgParser.cpp"
#line 1309 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1332,13 +1333,13 @@ void IOSCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 382 "iosacl.g"
#line 383 "iosacl.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1342 "IOSCfgParser.cpp"
#line 1343 "IOSCfgParser.cpp"
}
break;
}
@ -1351,13 +1352,13 @@ void IOSCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 389 "iosacl.g"
#line 390 "iosacl.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1361 "IOSCfgParser.cpp"
#line 1362 "IOSCfgParser.cpp"
}
break;
}
@ -1365,13 +1366,13 @@ void IOSCfgParser::hostaddr_ext() {
{
match(ANY);
if ( inputState->guessing==0 ) {
#line 396 "iosacl.g"
#line 397 "iosacl.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1375 "IOSCfgParser.cpp"
#line 1376 "IOSCfgParser.cpp"
}
break;
}
@ -1399,12 +1400,12 @@ void IOSCfgParser::time_range() {
tr_name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 448 "iosacl.g"
#line 449 "iosacl.g"
importer->time_range_name = tr_name->getText();
*dbg << "time_range " << tr_name->getText() << " ";
#line 1408 "IOSCfgParser.cpp"
#line 1409 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1422,12 +1423,12 @@ void IOSCfgParser::fragments() {
try { // for error handling
match(FRAGMENTS);
if ( inputState->guessing==0 ) {
#line 441 "iosacl.g"
#line 442 "iosacl.g"
importer->fragments = true;
*dbg << "fragments ";
#line 1431 "IOSCfgParser.cpp"
#line 1432 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1462,12 +1463,12 @@ void IOSCfgParser::log() {
}
}
if ( inputState->guessing==0 ) {
#line 427 "iosacl.g"
#line 428 "iosacl.g"
importer->logging = true;
*dbg << "logging ";
#line 1471 "IOSCfgParser.cpp"
#line 1472 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1497,7 +1498,7 @@ void IOSCfgParser::icmp_spec() {
match(INT_CONST);
}
if ( inputState->guessing==0 ) {
#line 338 "iosacl.g"
#line 339 "iosacl.g"
importer->icmp_type = icmp_type->getText();
importer->icmp_code = icmp_code->getText();
@ -1505,7 +1506,7 @@ void IOSCfgParser::icmp_spec() {
*dbg << icmp_type->getText() << " "
<< icmp_code->getText() << " ";
#line 1509 "IOSCfgParser.cpp"
#line 1510 "IOSCfgParser.cpp"
}
break;
}
@ -1514,12 +1515,12 @@ void IOSCfgParser::icmp_spec() {
icmp_word = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 347 "iosacl.g"
#line 348 "iosacl.g"
importer->icmp_spec = icmp_word->getText();
*dbg << icmp_word->getText() << " ";
#line 1523 "IOSCfgParser.cpp"
#line 1524 "IOSCfgParser.cpp"
}
break;
}
@ -1578,12 +1579,12 @@ void IOSCfgParser::established() {
try { // for error handling
match(ESTABLISHED);
if ( inputState->guessing==0 ) {
#line 434 "iosacl.g"
#line 435 "iosacl.g"
importer->established = true;
*dbg << "established ";
#line 1587 "IOSCfgParser.cpp"
#line 1588 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1608,13 +1609,13 @@ void IOSCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 405 "iosacl.g"
#line 406 "iosacl.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1618 "IOSCfgParser.cpp"
#line 1619 "IOSCfgParser.cpp"
}
}
else if ((LA(1) == IPV4) && (LA(2) == IPV4)) {
@ -1625,25 +1626,25 @@ void IOSCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 412 "iosacl.g"
#line 413 "iosacl.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1635 "IOSCfgParser.cpp"
#line 1636 "IOSCfgParser.cpp"
}
}
else if ((LA(1) == ANY)) {
match(ANY);
if ( inputState->guessing==0 ) {
#line 419 "iosacl.g"
#line 420 "iosacl.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1647 "IOSCfgParser.cpp"
#line 1648 "IOSCfgParser.cpp"
}
}
else {
@ -1693,12 +1694,12 @@ void IOSCfgParser::single_port_op() {
}
}
if ( inputState->guessing==0 ) {
#line 358 "iosacl.g"
#line 359 "iosacl.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1702 "IOSCfgParser.cpp"
#line 1703 "IOSCfgParser.cpp"
}
port_spec();
}
@ -1717,12 +1718,12 @@ void IOSCfgParser::port_range() {
try { // for error handling
match(P_RANGE);
if ( inputState->guessing==0 ) {
#line 366 "iosacl.g"
#line 367 "iosacl.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1726 "IOSCfgParser.cpp"
#line 1727 "IOSCfgParser.cpp"
}
port_spec();
port_spec();
@ -1759,12 +1760,12 @@ void IOSCfgParser::port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 374 "iosacl.g"
#line 375 "iosacl.g"
importer->tmp_port_spec += (std::string(" ") + LT(0)->getText());
*dbg << LT(0)->getText() << " ";
#line 1768 "IOSCfgParser.cpp"
#line 1769 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1788,7 +1789,7 @@ void IOSCfgParser::access_group_by_name() {
dir = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 554 "iosacl.g"
#line 555 "iosacl.g"
importer->setInterfaceAndDirectionForRuleSet(
acln->getText(),
@ -1798,7 +1799,7 @@ void IOSCfgParser::access_group_by_name() {
<< " INTRFACE: ACL '" << acln->getText() << "'"
<< " " << dir->getText() << std::endl;
#line 1802 "IOSCfgParser.cpp"
#line 1803 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1822,7 +1823,7 @@ void IOSCfgParser::access_group_by_number() {
dir = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 569 "iosacl.g"
#line 570 "iosacl.g"
importer->setInterfaceAndDirectionForRuleSet(
std::string("acl_") + acln->getText(),
@ -1832,7 +1833,7 @@ void IOSCfgParser::access_group_by_number() {
<< " INTRFACE: ACL '" << acln->getText() << "'"
<< " " << dir->getText() << std::endl;
#line 1836 "IOSCfgParser.cpp"
#line 1837 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1875,7 +1876,7 @@ void IOSCfgParser::intf_address() {
}
}
if ( inputState->guessing==0 ) {
#line 581 "iosacl.g"
#line 582 "iosacl.g"
importer->addInterfaceAddress(a->getText(), m->getText());
*dbg << LT(1)->getLine() << ":"
@ -1887,7 +1888,7 @@ void IOSCfgParser::intf_address() {
}
*dbg << std::endl;
#line 1891 "IOSCfgParser.cpp"
#line 1892 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {

18
src/parsers/IPTCfgLexer.cpp
View File

@ -681,7 +681,7 @@ void IPTCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 1183 "iptables.g"
#line 1186 "iptables.g"
newline(); resetText();
#line 687 "IPTCfgLexer.cpp"
}
@ -762,7 +762,7 @@ void IPTCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 1181 "iptables.g"
#line 1184 "iptables.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 768 "IPTCfgLexer.cpp"
}
@ -1029,7 +1029,7 @@ void IPTCfgLexer::mNUMBER(bool _createToken) {
match('.' /* charlit */ );
mNUM_3DIGIT(false);
if ( inputState->guessing==0 ) {
#line 1246 "iptables.g"
#line 1249 "iptables.g"
_ttype = IPV4;
#line 1035 "IPTCfgLexer.cpp"
}
@ -1055,7 +1055,7 @@ void IPTCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 1249 "iptables.g"
#line 1252 "iptables.g"
_ttype = HEX_CONST;
#line 1061 "IPTCfgLexer.cpp"
}
@ -1076,7 +1076,7 @@ void IPTCfgLexer::mNUMBER(bool _createToken) {
_loop198:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 1251 "iptables.g"
#line 1254 "iptables.g"
_ttype = INT_CONST;
#line 1082 "IPTCfgLexer.cpp"
}
@ -1392,7 +1392,7 @@ void IPTCfgLexer::mRSOURCE(bool _createToken) {
match("--rsource");
if ( inputState->guessing==0 ) {
#line 1275 "iptables.g"
#line 1278 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 1398 "IPTCfgLexer.cpp"
}
@ -2055,7 +2055,7 @@ void IPTCfgLexer::mULOG_QTHR(bool _createToken) {
match("--ulog-qthreshold");
if ( inputState->guessing==0 ) {
#line 1342 "iptables.g"
#line 1345 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 2061 "IPTCfgLexer.cpp"
}
@ -2074,7 +2074,7 @@ void IPTCfgLexer::mULOG_NLG(bool _createToken) {
match("--ulog-nlgroup");
if ( inputState->guessing==0 ) {
#line 1343 "iptables.g"
#line 1346 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 2080 "IPTCfgLexer.cpp"
}
@ -2093,7 +2093,7 @@ void IPTCfgLexer::mULOG_CPR(bool _createToken) {
match("--ulog-cprange");
if ( inputState->guessing==0 ) {
#line 1344 "iptables.g"
#line 1347 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 2099 "IPTCfgLexer.cpp"
}

509
src/parsers/IPTCfgParser.cpp
View File

@ -172,10 +172,13 @@ void IPTCfgParser::create_chain() {
if ( inputState->guessing==0 ) {
#line 160 "iptables.g"
importer->newUnidirRuleSet(LT(0)->getText());
if (importer->current_table=="nat")
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::NAT::TYPENAME);
else
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::Policy::TYPENAME);
*dbg << "NEW CHAIN " << LT(0)->getText() << std::endl;
#line 179 "IPTCfgParser.cpp"
#line 182 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -196,12 +199,12 @@ void IPTCfgParser::create_chain() {
}
}
if ( inputState->guessing==0 ) {
#line 165 "iptables.g"
#line 168 "iptables.g"
importer->setDefaultAction(LT(0)->getText());
*dbg << "DEFAULT ACTION " << LT(0)->getText() << std::endl;
#line 205 "IPTCfgParser.cpp"
#line 208 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -247,7 +250,7 @@ void IPTCfgParser::add_rule() {
match(ADD_RULE);
chain_def();
if ( inputState->guessing==0 ) {
#line 175 "iptables.g"
#line 178 "iptables.g"
// push previous rule
*dbg << std::endl;
@ -262,7 +265,7 @@ void IPTCfgParser::add_rule() {
*dbg << "add_rule: line=" << LT(0)->getLine()
<< " chain=" << LT(0)->getText();
#line 266 "IPTCfgParser.cpp"
#line 269 "IPTCfgParser.cpp"
}
{ // ( ... )+
int _cnt14=0;
@ -303,7 +306,7 @@ void IPTCfgParser::commit() {
// clear current table
importer->current_table = "";
#line 307 "IPTCfgParser.cpp"
#line 310 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -582,9 +585,9 @@ void IPTCfgParser::match_mark() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 667 "iptables.g"
#line 670 "iptables.g"
importer->neg_match_mark = true;
#line 588 "IPTCfgParser.cpp"
#line 591 "IPTCfgParser.cpp"
}
break;
}
@ -618,12 +621,12 @@ void IPTCfgParser::match_mark() {
}
}
if ( inputState->guessing==0 ) {
#line 669 "iptables.g"
#line 672 "iptables.g"
importer->match_mark = LT(0)->getText();
*dbg << " MATCH MARK " << LT(0)->getText();
#line 627 "IPTCfgParser.cpp"
#line 630 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -671,11 +674,11 @@ void IPTCfgParser::src() {
try { // for error handling
match(OPT_SRC);
if ( inputState->guessing==0 ) {
#line 310 "iptables.g"
#line 313 "iptables.g"
*dbg << " SRC=";
#line 679 "IPTCfgParser.cpp"
#line 682 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -683,11 +686,11 @@ void IPTCfgParser::src() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 315 "iptables.g"
#line 318 "iptables.g"
importer->src_neg = true;
#line 691 "IPTCfgParser.cpp"
#line 694 "IPTCfgParser.cpp"
}
break;
}
@ -722,12 +725,12 @@ void IPTCfgParser::src() {
}
}
if ( inputState->guessing==0 ) {
#line 320 "iptables.g"
#line 323 "iptables.g"
importer->src_a = LT(0)->getText();
*dbg << LT(0)->getText();
#line 731 "IPTCfgParser.cpp"
#line 734 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -753,12 +756,12 @@ void IPTCfgParser::src() {
}
}
if ( inputState->guessing==0 ) {
#line 325 "iptables.g"
#line 328 "iptables.g"
importer->src_nm = LT(0)->getText();
*dbg << "/" << LT(0)->getText();
#line 762 "IPTCfgParser.cpp"
#line 765 "IPTCfgParser.cpp"
}
break;
}
@ -816,11 +819,11 @@ void IPTCfgParser::dst() {
try { // for error handling
match(OPT_DST);
if ( inputState->guessing==0 ) {
#line 334 "iptables.g"
#line 337 "iptables.g"
*dbg << " DST=";
#line 824 "IPTCfgParser.cpp"
#line 827 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -828,11 +831,11 @@ void IPTCfgParser::dst() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 339 "iptables.g"
#line 342 "iptables.g"
importer->dst_neg = true;
#line 836 "IPTCfgParser.cpp"
#line 839 "IPTCfgParser.cpp"
}
break;
}
@ -867,12 +870,12 @@ void IPTCfgParser::dst() {
}
}
if ( inputState->guessing==0 ) {
#line 344 "iptables.g"
#line 347 "iptables.g"
importer->dst_a = LT(0)->getText();
*dbg << LT(0)->getText();
#line 876 "IPTCfgParser.cpp"
#line 879 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -898,12 +901,12 @@ void IPTCfgParser::dst() {
}
}
if ( inputState->guessing==0 ) {
#line 349 "iptables.g"
#line 352 "iptables.g"
importer->dst_nm = LT(0)->getText();
*dbg << "/" << LT(0)->getText();
#line 907 "IPTCfgParser.cpp"
#line 910 "IPTCfgParser.cpp"
}
break;
}
@ -967,11 +970,11 @@ void IPTCfgParser::i_intf() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 360 "iptables.g"
#line 363 "iptables.g"
importer->intf_neg = true;
#line 975 "IPTCfgParser.cpp"
#line 978 "IPTCfgParser.cpp"
}
break;
}
@ -988,12 +991,12 @@ void IPTCfgParser::i_intf() {
i = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 365 "iptables.g"
#line 368 "iptables.g"
importer->i_intf = LT(0)->getText();
*dbg << " I_INTF=" << i->getText();
#line 997 "IPTCfgParser.cpp"
#line 1000 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1017,11 +1020,11 @@ void IPTCfgParser::o_intf() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 375 "iptables.g"
#line 378 "iptables.g"
importer->intf_neg = true;
#line 1025 "IPTCfgParser.cpp"
#line 1028 "IPTCfgParser.cpp"
}
break;
}
@ -1038,12 +1041,12 @@ void IPTCfgParser::o_intf() {
i = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 380 "iptables.g"
#line 383 "iptables.g"
importer->o_intf = LT(0)->getText();
*dbg << " O_INTF=" << i->getText();
#line 1047 "IPTCfgParser.cpp"
#line 1050 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1066,11 +1069,11 @@ void IPTCfgParser::proto() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 393 "iptables.g"
#line 396 "iptables.g"
importer->srv_neg = true;
#line 1074 "IPTCfgParser.cpp"
#line 1077 "IPTCfgParser.cpp"
}
break;
}
@ -1090,7 +1093,7 @@ void IPTCfgParser::proto() {
}
protocol_word();
if ( inputState->guessing==0 ) {
#line 398 "iptables.g"
#line 401 "iptables.g"
std::string tmp_s = LT(0)->getText();
importer->protocol.resize(tmp_s.size());
@ -1100,7 +1103,7 @@ void IPTCfgParser::proto() {
::tolower);
*dbg << " PROTO=" << importer->protocol;
#line 1104 "IPTCfgParser.cpp"
#line 1107 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1121,12 +1124,12 @@ void IPTCfgParser::target() {
t = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 411 "iptables.g"
#line 414 "iptables.g"
importer->target = LT(0)->getText();
*dbg << " TARGET=" << t->getText();
#line 1130 "IPTCfgParser.cpp"
#line 1133 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1156,12 +1159,12 @@ void IPTCfgParser::fragm() {
try { // for error handling
match(OPT_FRAGM);
if ( inputState->guessing==0 ) {
#line 616 "iptables.g"
#line 619 "iptables.g"
importer->fragments = true;
*dbg << " FRAGM";
#line 1165 "IPTCfgParser.cpp"
#line 1168 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1184,12 +1187,12 @@ void IPTCfgParser::icmp_type_spec() {
{
match(WORD);
if ( inputState->guessing==0 ) {
#line 899 "iptables.g"
#line 902 "iptables.g"
importer->icmp_spec = LT(0)->getText();
*dbg << " ICMP_SPEC=" << LT(0)->getText();
#line 1193 "IPTCfgParser.cpp"
#line 1196 "IPTCfgParser.cpp"
}
break;
}
@ -1198,13 +1201,13 @@ void IPTCfgParser::icmp_type_spec() {
{
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 906 "iptables.g"
#line 909 "iptables.g"
importer->icmp_type = LT(0)->getText();
importer->icmp_code = "-1";
*dbg << " ICMP_TYPE=" << LT(0)->getText();
#line 1208 "IPTCfgParser.cpp"
#line 1211 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1213,12 +1216,12 @@ void IPTCfgParser::icmp_type_spec() {
match(SLASH);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 913 "iptables.g"
#line 916 "iptables.g"
importer->icmp_code = LT(0)->getText();
*dbg << " ICMP_CODE=" << LT(0)->getText();
#line 1222 "IPTCfgParser.cpp"
#line 1225 "IPTCfgParser.cpp"
}
break;
}
@ -1310,11 +1313,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 997 "iptables.g"
#line 1000 "iptables.g"
importer->srv_neg = true;
#line 1318 "IPTCfgParser.cpp"
#line 1321 "IPTCfgParser.cpp"
}
break;
}
@ -1350,11 +1353,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 1002 "iptables.g"
#line 1005 "iptables.g"
importer->pushTmpPortSpecToSrcPortList();
#line 1358 "IPTCfgParser.cpp"
#line 1361 "IPTCfgParser.cpp"
}
break;
}
@ -1385,11 +1388,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 1009 "iptables.g"
#line 1012 "iptables.g"
importer->srv_neg = true;
#line 1393 "IPTCfgParser.cpp"
#line 1396 "IPTCfgParser.cpp"
}
break;
}
@ -1425,11 +1428,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 1014 "iptables.g"
#line 1017 "iptables.g"
importer->pushTmpPortSpecToDstPortList();
#line 1433 "IPTCfgParser.cpp"
#line 1436 "IPTCfgParser.cpp"
}
break;
}
@ -1459,20 +1462,20 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
{
match(MATCH_SRC_MULTIPORT);
if ( inputState->guessing==0 ) {
#line 836 "iptables.g"
#line 839 "iptables.g"
importer->startSrcMultiPort();
*dbg << " SRC MULTIPORT=";
#line 1468 "IPTCfgParser.cpp"
#line 1471 "IPTCfgParser.cpp"
}
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 841 "iptables.g"
#line 844 "iptables.g"
importer->pushTmpPortSpecToSrcPortList();
#line 1476 "IPTCfgParser.cpp"
#line 1479 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1480,11 +1483,11 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
match(COMMA);
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 845 "iptables.g"
#line 848 "iptables.g"
importer->pushTmpPortSpecToSrcPortList();
#line 1488 "IPTCfgParser.cpp"
#line 1491 "IPTCfgParser.cpp"
}
}
else {
@ -1502,20 +1505,20 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
{
match(MATCH_DST_MULTIPORT);
if ( inputState->guessing==0 ) {
#line 852 "iptables.g"
#line 855 "iptables.g"
importer->startDstMultiPort();
*dbg << " DST MULTIPORT=";
#line 1511 "IPTCfgParser.cpp"
#line 1514 "IPTCfgParser.cpp"
}
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 857 "iptables.g"
#line 860 "iptables.g"
importer->pushTmpPortSpecToDstPortList();
#line 1519 "IPTCfgParser.cpp"
#line 1522 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1523,11 +1526,11 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
match(COMMA);
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 861 "iptables.g"
#line 864 "iptables.g"
importer->pushTmpPortSpecToDstPortList();
#line 1531 "IPTCfgParser.cpp"
#line 1534 "IPTCfgParser.cpp"
}
}
else {
@ -1545,20 +1548,20 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
{
match(MATCH_BOTH_MULTIPORT);
if ( inputState->guessing==0 ) {
#line 868 "iptables.g"
#line 871 "iptables.g"
importer->startBothMultiPort();
*dbg << " MULTIPORT PORTS=";
#line 1554 "IPTCfgParser.cpp"
#line 1557 "IPTCfgParser.cpp"
}
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 873 "iptables.g"
#line 876 "iptables.g"
importer->pushTmpPortSpecToBothPortList();
#line 1562 "IPTCfgParser.cpp"
#line 1565 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1566,11 +1569,11 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
match(COMMA);
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 877 "iptables.g"
#line 880 "iptables.g"
importer->pushTmpPortSpecToBothPortList();
#line 1574 "IPTCfgParser.cpp"
#line 1577 "IPTCfgParser.cpp"
}
}
else {
@ -1609,9 +1612,9 @@ void IPTCfgParser::tcp_options() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 1043 "iptables.g"
#line 1046 "iptables.g"
importer->srv_neg = true;
#line 1615 "IPTCfgParser.cpp"
#line 1618 "IPTCfgParser.cpp"
}
break;
}
@ -1683,12 +1686,12 @@ void IPTCfgParser::match_limit_burst() {
match(MATCH_LIMIT_BURST);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 700 "iptables.g"
#line 703 "iptables.g"
importer->limit_burst = LT(0)->getText();
*dbg << " LIMIT BURST " << LT(0)->getText();
#line 1692 "IPTCfgParser.cpp"
#line 1695 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1740,12 +1743,12 @@ void IPTCfgParser::match_iprange_src() {
}
}
if ( inputState->guessing==0 ) {
#line 723 "iptables.g"
#line 726 "iptables.g"
importer->iprange_src_from = LT(0)->getText();
importer->using_iprange_src = true;
#line 1749 "IPTCfgParser.cpp"
#line 1752 "IPTCfgParser.cpp"
}
match(MINUS);
{
@ -1767,11 +1770,11 @@ void IPTCfgParser::match_iprange_src() {
}
}
if ( inputState->guessing==0 ) {
#line 728 "iptables.g"
#line 731 "iptables.g"
importer->iprange_src_to = LT(0)->getText();
#line 1775 "IPTCfgParser.cpp"
#line 1778 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1807,12 +1810,12 @@ void IPTCfgParser::match_iprange_dst() {
}
}
if ( inputState->guessing==0 ) {
#line 734 "iptables.g"
#line 737 "iptables.g"
importer->iprange_dst_from = LT(0)->getText();
importer->using_iprange_dst = true;
#line 1816 "IPTCfgParser.cpp"
#line 1819 "IPTCfgParser.cpp"
}
match(MINUS);
{
@ -1834,11 +1837,11 @@ void IPTCfgParser::match_iprange_dst() {
}
}
if ( inputState->guessing==0 ) {
#line 739 "iptables.g"
#line 742 "iptables.g"
importer->iprange_dst_to = LT(0)->getText();
#line 1842 "IPTCfgParser.cpp"
#line 1845 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1859,13 +1862,13 @@ void IPTCfgParser::unknown_option() {
match(MINUS);
match(WORD);
if ( inputState->guessing==0 ) {
#line 241 "iptables.g"
#line 244 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown option: -")+LT(0)->getText());
*dbg << " UNKNOWN OPTION=-" << LT(0)->getText();
#line 1869 "IPTCfgParser.cpp"
#line 1872 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1923,13 +1926,13 @@ void IPTCfgParser::unknown_option() {
match(WORD);
}
if ( inputState->guessing==0 ) {
#line 251 "iptables.g"
#line 254 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown option: --")+LT(0)->getText());
*dbg << " UNKNOWN OPTION=--" << LT(0)->getText();
#line 1933 "IPTCfgParser.cpp"
#line 1936 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1983,13 +1986,13 @@ void IPTCfgParser::unknown_option() {
{
match(UNSUPPORTED_OPTION);
if ( inputState->guessing==0 ) {
#line 261 "iptables.g"
#line 264 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown option: ")+LT(0)->getText());
*dbg << " UNKNOWN OPTION=" << LT(0)->getText();
#line 1993 "IPTCfgParser.cpp"
#line 1996 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -2055,9 +2058,9 @@ void IPTCfgParser::unknown_option() {
}
void IPTCfgParser::unknown_parameter() {
#line 270 "iptables.g"
#line 273 "iptables.g"
std::string s;
#line 2061 "IPTCfgParser.cpp"
#line 2064 "IPTCfgParser.cpp"
try { // for error handling
if ((LA(1) == INT_CONST || LA(1) == DIGIT) && (LA(2) == SLASH)) {
@ -2069,9 +2072,9 @@ void IPTCfgParser::unknown_parameter() {
{
match(DIGIT);
if ( inputState->guessing==0 ) {
#line 276 "iptables.g"
#line 279 "iptables.g"
s+=LT(0)->getText();
#line 2075 "IPTCfgParser.cpp"
#line 2078 "IPTCfgParser.cpp"
}
break;
}
@ -2079,9 +2082,9 @@ void IPTCfgParser::unknown_parameter() {
{
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 278 "iptables.g"
#line 281 "iptables.g"
s+=LT(0)->getText();
#line 2085 "IPTCfgParser.cpp"
#line 2088 "IPTCfgParser.cpp"
}
break;
}
@ -2093,25 +2096,25 @@ void IPTCfgParser::unknown_parameter() {
}
match(SLASH);
if ( inputState->guessing==0 ) {
#line 280 "iptables.g"
#line 283 "iptables.g"
s+=LT(0)->getText();
#line 2099 "IPTCfgParser.cpp"
#line 2102 "IPTCfgParser.cpp"
}
match(WORD);
if ( inputState->guessing==0 ) {
#line 281 "iptables.g"
#line 284 "iptables.g"
s+=LT(0)->getText();
#line 2105 "IPTCfgParser.cpp"
#line 2108 "IPTCfgParser.cpp"
}
}
if ( inputState->guessing==0 ) {
#line 283 "iptables.g"
#line 286 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown parameter: ")+s);
*dbg << " UNKNOWN PARMETER=" << s;
#line 2115 "IPTCfgParser.cpp"
#line 2118 "IPTCfgParser.cpp"
}
}
}
@ -2141,13 +2144,13 @@ void IPTCfgParser::unknown_parameter() {
}
}
if ( inputState->guessing==0 ) {
#line 292 "iptables.g"
#line 295 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown parameter: ")+LT(0)->getText());
*dbg << " UNKNOWN PARMETER=" << LT(0)->getText();
#line 2151 "IPTCfgParser.cpp"
#line 2154 "IPTCfgParser.cpp"
}
}
}
@ -2172,19 +2175,19 @@ void IPTCfgParser::m_state() {
match(M_STATE);
match(MATCH_STATE);
if ( inputState->guessing==0 ) {
#line 637 "iptables.g"
#line 640 "iptables.g"
importer->current_state = "";
#line 2180 "IPTCfgParser.cpp"
#line 2183 "IPTCfgParser.cpp"
}
state_word();
if ( inputState->guessing==0 ) {
#line 641 "iptables.g"
#line 644 "iptables.g"
importer->current_state += LT(0)->getText();
#line 2188 "IPTCfgParser.cpp"
#line 2191 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -2193,11 +2196,11 @@ void IPTCfgParser::m_state() {
match(COMMA);
state_word();
if ( inputState->guessing==0 ) {
#line 646 "iptables.g"
#line 649 "iptables.g"
importer->current_state += std::string(",") + LT(0)->getText();
#line 2201 "IPTCfgParser.cpp"
#line 2204 "IPTCfgParser.cpp"
}
break;
}
@ -2239,11 +2242,11 @@ void IPTCfgParser::m_state() {
}
}
if ( inputState->guessing==0 ) {
#line 650 "iptables.g"
#line 653 "iptables.g"
*dbg << " STATE MATCH=" << importer->current_state;
#line 2247 "IPTCfgParser.cpp"
#line 2250 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2261,11 +2264,11 @@ void IPTCfgParser::m_mport() {
try { // for error handling
match(M_MPORT);
if ( inputState->guessing==0 ) {
#line 808 "iptables.g"
#line 811 "iptables.g"
*dbg << " MULTIPORT";
#line 2269 "IPTCfgParser.cpp"
#line 2272 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2283,12 +2286,12 @@ void IPTCfgParser::m_icmp() {
try { // for error handling
match(ICMP);
if ( inputState->guessing==0 ) {
#line 889 "iptables.g"
#line 892 "iptables.g"
importer->protocol = "icmp";
*dbg << " ICMP";
#line 2292 "IPTCfgParser.cpp"
#line 2295 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2306,12 +2309,12 @@ void IPTCfgParser::m_tcp() {
try { // for error handling
match(TCP);
if ( inputState->guessing==0 ) {
#line 1032 "iptables.g"
#line 1035 "iptables.g"
importer->protocol = "tcp";
*dbg << " TCP";
#line 2315 "IPTCfgParser.cpp"
#line 2318 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2329,12 +2332,12 @@ void IPTCfgParser::m_udp() {
try { // for error handling
match(UDP);
if ( inputState->guessing==0 ) {
#line 1023 "iptables.g"
#line 1026 "iptables.g"
importer->protocol = "udp";
*dbg << " UDP";
#line 2338 "IPTCfgParser.cpp"
#line 2341 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2352,11 +2355,11 @@ void IPTCfgParser::m_limit() {
try { // for error handling
match(M_LIMIT);
if ( inputState->guessing==0 ) {
#line 678 "iptables.g"
#line 681 "iptables.g"
*dbg << " LIMIT";
#line 2360 "IPTCfgParser.cpp"
#line 2363 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2374,11 +2377,11 @@ void IPTCfgParser::m_length() {
try { // for error handling
match(M_LENGTH);
if ( inputState->guessing==0 ) {
#line 773 "iptables.g"
#line 776 "iptables.g"
*dbg << " LENGTH";
#line 2382 "IPTCfgParser.cpp"
#line 2385 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2396,11 +2399,11 @@ void IPTCfgParser::m_iprange() {
try { // for error handling
match(M_IPRANGE);
if ( inputState->guessing==0 ) {
#line 717 "iptables.g"
#line 720 "iptables.g"
*dbg << " IPRANGE";
#line 2404 "IPTCfgParser.cpp"
#line 2407 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2420,11 +2423,11 @@ void IPTCfgParser::m_comment() {
match(MATCH_COMMENT);
match(STRING);
if ( inputState->guessing==0 ) {
#line 816 "iptables.g"
#line 819 "iptables.g"
*dbg << " COMMENT=" << LT(0)->getText();
#line 2428 "IPTCfgParser.cpp"
#line 2431 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2459,13 +2462,13 @@ void IPTCfgParser::m_unknown_module() {
try { // for error handling
match(WORD);
if ( inputState->guessing==0 ) {
#line 624 "iptables.g"
#line 627 "iptables.g"
*dbg << " UNKNOWN MODULE=" << LT(0)->getText();
importer->markCurrentRuleBad(
std::string("Unknown module: ")+LT(0)->getText());
#line 2469 "IPTCfgParser.cpp"
#line 2472 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2535,12 +2538,12 @@ void IPTCfgParser::target_options() {
match(REJECT_WITH);
match(WORD);
if ( inputState->guessing==0 ) {
#line 422 "iptables.g"
#line 425 "iptables.g"
importer->action_params["reject_with"] = LT(0)->getText();
*dbg << " REJECT WITH=" << LT(0)->getText();
#line 2544 "IPTCfgParser.cpp"
#line 2547 "IPTCfgParser.cpp"
}
break;
}
@ -2566,12 +2569,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 428 "iptables.g"
#line 431 "iptables.g"
importer->action_params["log_prefix"] = LT(0)->getText();
*dbg << " LOG PREFIX=" << LT(0)->getText();
#line 2575 "IPTCfgParser.cpp"
#line 2578 "IPTCfgParser.cpp"
}
break;
}
@ -2579,12 +2582,12 @@ void IPTCfgParser::target_options() {
{
match(LOG_TCP_SEQ);
if ( inputState->guessing==0 ) {
#line 434 "iptables.g"
#line 437 "iptables.g"
importer->action_params["log_tcp_seq"] = LT(0)->getText();
*dbg << " LOG TCP SEQUENCE=";
#line 2588 "IPTCfgParser.cpp"
#line 2591 "IPTCfgParser.cpp"
}
break;
}
@ -2592,12 +2595,12 @@ void IPTCfgParser::target_options() {
{
match(LOG_TCP_OPT);
if ( inputState->guessing==0 ) {
#line 440 "iptables.g"
#line 443 "iptables.g"
importer->action_params["log_tcp_options"] = LT(0)->getText();
*dbg << " LOG TCP OPTIONS=";
#line 2601 "IPTCfgParser.cpp"
#line 2604 "IPTCfgParser.cpp"
}
break;
}
@ -2605,12 +2608,12 @@ void IPTCfgParser::target_options() {
{
match(LOG_IP_OPT);
if ( inputState->guessing==0 ) {
#line 446 "iptables.g"
#line 449 "iptables.g"
importer->action_params["log_ip_options"] = LT(0)->getText();
*dbg << " LOG IP OPTIONS=";
#line 2614 "IPTCfgParser.cpp"
#line 2617 "IPTCfgParser.cpp"
}
break;
}
@ -2636,12 +2639,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 452 "iptables.g"
#line 455 "iptables.g"
importer->action_params["log_prefix"] = LT(0)->getText();
*dbg << " ULOG PREFIX=" << LT(0)->getText();
#line 2645 "IPTCfgParser.cpp"
#line 2648 "IPTCfgParser.cpp"
}
break;
}
@ -2667,12 +2670,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 458 "iptables.g"
#line 461 "iptables.g"
importer->action_params["log_level"] = LT(0)->getText();
*dbg << " LOG LEVEL=" << LT(0)->getText();
#line 2676 "IPTCfgParser.cpp"
#line 2679 "IPTCfgParser.cpp"
}
break;
}
@ -2698,12 +2701,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 464 "iptables.g"
#line 467 "iptables.g"
importer->action_params["set_mark"] = LT(0)->getText();
*dbg << " SET MARK=" << LT(0)->getText();
#line 2707 "IPTCfgParser.cpp"
#line 2710 "IPTCfgParser.cpp"
}
break;
}
@ -2711,12 +2714,12 @@ void IPTCfgParser::target_options() {
{
match(SAVE_MARK);
if ( inputState->guessing==0 ) {
#line 482 "iptables.g"
#line 485 "iptables.g"
importer->action_params["connmark_save_mark"] = "--save-mark";
*dbg << " SAVE MARK";
#line 2720 "IPTCfgParser.cpp"
#line 2723 "IPTCfgParser.cpp"
}
break;
}
@ -2724,12 +2727,12 @@ void IPTCfgParser::target_options() {
{
match(RESTORE_MARK);
if ( inputState->guessing==0 ) {
#line 488 "iptables.g"
#line 491 "iptables.g"
importer->action_params["connmark_restore_mark"] = "--restore-mark";
*dbg << " RESTORE MARK";
#line 2733 "IPTCfgParser.cpp"
#line 2736 "IPTCfgParser.cpp"
}
break;
}
@ -2737,12 +2740,12 @@ void IPTCfgParser::target_options() {
{
match(CONTINUE);
if ( inputState->guessing==0 ) {
#line 494 "iptables.g"
#line 497 "iptables.g"
importer->action_params["route_continue"] = "--continue";
*dbg << " CONTINUE";
#line 2746 "IPTCfgParser.cpp"
#line 2749 "IPTCfgParser.cpp"
}
break;
}
@ -2751,12 +2754,12 @@ void IPTCfgParser::target_options() {
match(ROUTE_IIF);
match(WORD);
if ( inputState->guessing==0 ) {
#line 500 "iptables.g"
#line 503 "iptables.g"
importer->action_params["route_iif"] = LT(0)->getText();
*dbg << " ROUTE_IIF=" << LT(0)->getText();
#line 2760 "IPTCfgParser.cpp"
#line 2763 "IPTCfgParser.cpp"
}
break;
}
@ -2765,12 +2768,12 @@ void IPTCfgParser::target_options() {
match(ROUTE_OIF);
match(WORD);
if ( inputState->guessing==0 ) {
#line 506 "iptables.g"
#line 509 "iptables.g"
importer->action_params["route_oif"] = LT(0)->getText();
*dbg << " ROUTE_OIF=" << LT(0)->getText();
#line 2774 "IPTCfgParser.cpp"
#line 2777 "IPTCfgParser.cpp"
}
break;
}
@ -2779,12 +2782,12 @@ void IPTCfgParser::target_options() {
match(ROUTE_GW);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 512 "iptables.g"
#line 515 "iptables.g"
importer->action_params["route_gw"] = LT(0)->getText();
*dbg << " ROUTE_GW=" << LT(0)->getText();
#line 2788 "IPTCfgParser.cpp"
#line 2791 "IPTCfgParser.cpp"
}
break;
}
@ -2792,12 +2795,12 @@ void IPTCfgParser::target_options() {
{
match(ROUTE_TEE);
if ( inputState->guessing==0 ) {
#line 518 "iptables.g"
#line 521 "iptables.g"
importer->action_params["route_tee"] = "--tee";
*dbg << " ROUTE_TEE";
#line 2801 "IPTCfgParser.cpp"
#line 2804 "IPTCfgParser.cpp"
}
break;
}
@ -2805,11 +2808,11 @@ void IPTCfgParser::target_options() {
{
match(TO_SOURCE);
if ( inputState->guessing==0 ) {
#line 524 "iptables.g"
#line 527 "iptables.g"
*dbg << " TO-SOURCE";
#line 2813 "IPTCfgParser.cpp"
#line 2816 "IPTCfgParser.cpp"
}
nat_spec();
break;
@ -2818,11 +2821,11 @@ void IPTCfgParser::target_options() {
{
match(TO_DESTINATION);
if ( inputState->guessing==0 ) {
#line 530 "iptables.g"
#line 533 "iptables.g"
*dbg << " TO-DESTINATION";
#line 2826 "IPTCfgParser.cpp"
#line 2829 "IPTCfgParser.cpp"
}
nat_spec();
break;
@ -2837,22 +2840,22 @@ void IPTCfgParser::target_options() {
{
match(TO_NETMAP);
if ( inputState->guessing==0 ) {
#line 538 "iptables.g"
#line 541 "iptables.g"
*dbg << " TO-NETMAP";
#line 2845 "IPTCfgParser.cpp"
#line 2848 "IPTCfgParser.cpp"
}
{
match(IPV4);
if ( inputState->guessing==0 ) {
#line 543 "iptables.g"
#line 546 "iptables.g"
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = LT(0)->getText();
*dbg << LT(0)->getText();
#line 2856 "IPTCfgParser.cpp"
#line 2859 "IPTCfgParser.cpp"
}
match(SLASH);
{
@ -2874,12 +2877,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 549 "iptables.g"
#line 552 "iptables.g"
importer->nat_nm = LT(0)->getText();
*dbg << "/" << LT(0)->getText();
#line 2883 "IPTCfgParser.cpp"
#line 2886 "IPTCfgParser.cpp"
}
}
break;
@ -2888,12 +2891,12 @@ void IPTCfgParser::target_options() {
{
match(CLAMP_MSS);
if ( inputState->guessing==0 ) {
#line 556 "iptables.g"
#line 559 "iptables.g"
importer->action_params["clamp-mss-to-pmtu"] = "--clamp-mss-to-pmtu";
*dbg << " TO-NETMAP";
#line 2897 "IPTCfgParser.cpp"
#line 2900 "IPTCfgParser.cpp"
}
break;
}
@ -2902,24 +2905,24 @@ void IPTCfgParser::target_options() {
match(SET_TOS);
match(HEX_CONST);
if ( inputState->guessing==0 ) {
#line 470 "iptables.g"
#line 473 "iptables.g"
importer->action_params["set_tos"] = LT(0)->getText();
*dbg << " SET TOS=" << LT(0)->getText();
#line 2911 "IPTCfgParser.cpp"
#line 2914 "IPTCfgParser.cpp"
}
}
else if ((LA(1) == SET_TOS) && (LA(2) == WORD)) {
match(SET_TOS);
match(WORD);
if ( inputState->guessing==0 ) {
#line 476 "iptables.g"
#line 479 "iptables.g"
importer->action_params["set_tos"] = LT(0)->getText();
*dbg << " SET TOS=" << LT(0)->getText();
#line 2923 "IPTCfgParser.cpp"
#line 2926 "IPTCfgParser.cpp"
}
}
else {
@ -3009,7 +3012,7 @@ void IPTCfgParser::nat_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 567 "iptables.g"
#line 570 "iptables.g"
*dbg << " "
<< importer->nat_addr1
@ -3020,7 +3023,7 @@ void IPTCfgParser::nat_spec() {
<< "-"
<< importer->nat_port_range_end;
#line 3024 "IPTCfgParser.cpp"
#line 3027 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3038,7 +3041,7 @@ void IPTCfgParser::redirect_spec() {
try { // for error handling
nat_port_def_with_range();
if ( inputState->guessing==0 ) {
#line 602 "iptables.g"
#line 605 "iptables.g"
*dbg << " TO-PORTS "
<< importer->nat_addr1
@ -3049,7 +3052,7 @@ void IPTCfgParser::redirect_spec() {
<< "-"
<< importer->nat_port_range_end;
#line 3053 "IPTCfgParser.cpp"
#line 3056 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3090,28 +3093,28 @@ void IPTCfgParser::nat_addr_range() {
s = LT(1);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 583 "iptables.g"
#line 586 "iptables.g"
importer->nat_port_range_start = "";
importer->nat_port_range_end = "";
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = s->getText();
#line 3101 "IPTCfgParser.cpp"
#line 3104 "IPTCfgParser.cpp"
}
}
}
else if ((LA(1) == IPV4) && (_tokenSet_8.member(LA(2)))) {
match(IPV4);
if ( inputState->guessing==0 ) {
#line 592 "iptables.g"
#line 595 "iptables.g"
importer->nat_port_range_start = "";
importer->nat_port_range_end = "";
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = LT(0)->getText();
#line 3115 "IPTCfgParser.cpp"
#line 3118 "IPTCfgParser.cpp"
}
}
else {
@ -3187,13 +3190,13 @@ void IPTCfgParser::nat_port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 972 "iptables.g"
#line 975 "iptables.g"
importer->nat_port_range_start = LT(0)->getText();
importer->nat_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3197 "IPTCfgParser.cpp"
#line 3200 "IPTCfgParser.cpp"
}
match(MINUS);
{
@ -3215,12 +3218,12 @@ void IPTCfgParser::nat_port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 978 "iptables.g"
#line 981 "iptables.g"
importer->nat_port_range_end = LT(0)->getText();
*dbg << ":" << LT(0)->getText();
#line 3224 "IPTCfgParser.cpp"
#line 3227 "IPTCfgParser.cpp"
}
}
}
@ -3244,13 +3247,13 @@ void IPTCfgParser::nat_port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 985 "iptables.g"
#line 988 "iptables.g"
importer->nat_port_range_start = LT(0)->getText();
importer->nat_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3254 "IPTCfgParser.cpp"
#line 3257 "IPTCfgParser.cpp"
}
}
else {
@ -3315,11 +3318,11 @@ void IPTCfgParser::m_mark() {
try { // for error handling
match(M_MARK);
if ( inputState->guessing==0 ) {
#line 659 "iptables.g"
#line 662 "iptables.g"
*dbg << " MARK";
#line 3323 "IPTCfgParser.cpp"
#line 3326 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3337,25 +3340,25 @@ void IPTCfgParser::limit_rate() {
try { // for error handling
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 689 "iptables.g"
#line 692 "iptables.g"
importer->limit_val = LT(0)->getText();
#line 3343 "IPTCfgParser.cpp"
#line 3346 "IPTCfgParser.cpp"
}
match(SLASH);
match(WORD);
if ( inputState->guessing==0 ) {
#line 691 "iptables.g"
#line 694 "iptables.g"
importer->limit_suffix = LT(0)->getText();
#line 3350 "IPTCfgParser.cpp"
#line 3353 "IPTCfgParser.cpp"
}
if ( inputState->guessing==0 ) {
#line 692 "iptables.g"
#line 695 "iptables.g"
*dbg << " MATCH LIMIT "
<< importer->limit_val << "/"
<< importer->limit_suffix;
#line 3359 "IPTCfgParser.cpp"
#line 3362 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3373,11 +3376,11 @@ void IPTCfgParser::m_recent() {
try { // for error handling
match(M_RECENT);
if ( inputState->guessing==0 ) {
#line 709 "iptables.g"
#line 712 "iptables.g"
*dbg << " RECENT";
#line 3381 "IPTCfgParser.cpp"
#line 3384 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3475,9 +3478,9 @@ void IPTCfgParser::recent_args_no_param() {
}
}
if ( inputState->guessing==0 ) {
#line 761 "iptables.g"
#line 764 "iptables.g"
importer->recent_match += LT(0)->getText() + " ";
#line 3481 "IPTCfgParser.cpp"
#line 3484 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3517,9 +3520,9 @@ void IPTCfgParser::recent_args_param() {
}
}
if ( inputState->guessing==0 ) {
#line 765 "iptables.g"
#line 768 "iptables.g"
importer->recent_match += LT(0)->getText() + " ";
#line 3523 "IPTCfgParser.cpp"
#line 3526 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -3540,9 +3543,9 @@ void IPTCfgParser::recent_args_param() {
}
}
if ( inputState->guessing==0 ) {
#line 767 "iptables.g"
#line 770 "iptables.g"
importer->recent_match += LT(0)->getText() + " ";
#line 3546 "IPTCfgParser.cpp"
#line 3549 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3560,24 +3563,24 @@ void IPTCfgParser::length_spec() {
try { // for error handling
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 784 "iptables.g"
#line 787 "iptables.g"
importer->length_spec = LT(0)->getText();
#line 3566 "IPTCfgParser.cpp"
#line 3569 "IPTCfgParser.cpp"
}
match(COLON);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 786 "iptables.g"
#line 789 "iptables.g"
importer->length_spec += ":";
importer->length_spec += LT(0)->getText();
#line 3574 "IPTCfgParser.cpp"
#line 3577 "IPTCfgParser.cpp"
}
if ( inputState->guessing==0 ) {
#line 788 "iptables.g"
#line 791 "iptables.g"
*dbg << " MATCH LENGTH " << importer->length_spec;
#line 3581 "IPTCfgParser.cpp"
#line 3584 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3617,12 +3620,12 @@ void IPTCfgParser::pkt_type_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 799 "iptables.g"
#line 802 "iptables.g"
importer->pkt_type_spec = LT(0)->getText();
*dbg << " PKT_TYPE " << importer->pkt_type_spec;
#line 3626 "IPTCfgParser.cpp"
#line 3629 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3657,13 +3660,13 @@ void IPTCfgParser::port_def_no_range() {
}
}
if ( inputState->guessing==0 ) {
#line 925 "iptables.g"
#line 928 "iptables.g"
importer->tmp_port_range_start = LT(0)->getText();
importer->tmp_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3667 "IPTCfgParser.cpp"
#line 3670 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3707,13 +3710,13 @@ void IPTCfgParser::port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 943 "iptables.g"
#line 946 "iptables.g"
importer->tmp_port_range_start = LT(0)->getText();
importer->tmp_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3717 "IPTCfgParser.cpp"
#line 3720 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -3770,12 +3773,12 @@ void IPTCfgParser::port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 950 "iptables.g"
#line 953 "iptables.g"
importer->tmp_port_range_end = LT(0)->getText();
*dbg << ":" << LT(0)->getText();
#line 3779 "IPTCfgParser.cpp"
#line 3782 "IPTCfgParser.cpp"
}
break;
}
@ -3850,13 +3853,13 @@ void IPTCfgParser::port_def_with_incomplete_range() {
}
}
if ( inputState->guessing==0 ) {
#line 959 "iptables.g"
#line 962 "iptables.g"
importer->tmp_port_range_start = "0";
importer->tmp_port_range_end = LT(0)->getText();
*dbg << "PORT 0:" << LT(0)->getText();
#line 3860 "IPTCfgParser.cpp"
#line 3863 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3874,7 +3877,7 @@ void IPTCfgParser::syn() {
try { // for error handling
match(MATCH_SYN);
if ( inputState->guessing==0 ) {
#line 1048 "iptables.g"
#line 1051 "iptables.g"
importer->tcp_flags_mask.clear();
importer->tcp_flags_mask.push_back(libfwbuilder::TCPService::SYN);
@ -3884,7 +3887,7 @@ void IPTCfgParser::syn() {
importer->tcp_flags_comp.clear();
importer->tcp_flags_comp.push_back(libfwbuilder::TCPService::SYN);
#line 3888 "IPTCfgParser.cpp"
#line 3891 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3903,16 +3906,16 @@ void IPTCfgParser::tcp_flags() {
match(MATCH_TCP_FLAGS);
tcp_flags_list();
if ( inputState->guessing==0 ) {
#line 1099 "iptables.g"
#line 1102 "iptables.g"
importer->tcp_flags_mask = importer->tmp_tcp_flags_list;
importer->tmp_tcp_flags_list.clear();
#line 3912 "IPTCfgParser.cpp"
#line 3915 "IPTCfgParser.cpp"
}
tcp_flags_list();
if ( inputState->guessing==0 ) {
#line 1104 "iptables.g"
#line 1107 "iptables.g"
importer->tcp_flags_comp = importer->tmp_tcp_flags_list;
importer->tmp_tcp_flags_list.clear();
@ -3926,7 +3929,7 @@ void IPTCfgParser::tcp_flags() {
i!=importer->tcp_flags_comp.end(); ++i)
*dbg << *i << "|";
#line 3930 "IPTCfgParser.cpp"
#line 3933 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3982,9 +3985,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(SYN);
if ( inputState->guessing==0 ) {
#line 1061 "iptables.g"
#line 1064 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::SYN;
#line 3988 "IPTCfgParser.cpp"
#line 3991 "IPTCfgParser.cpp"
}
break;
}
@ -3992,9 +3995,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(ACK);
if ( inputState->guessing==0 ) {
#line 1063 "iptables.g"
#line 1066 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::ACK;
#line 3998 "IPTCfgParser.cpp"
#line 4001 "IPTCfgParser.cpp"
}
break;
}
@ -4002,9 +4005,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(FIN);
if ( inputState->guessing==0 ) {
#line 1065 "iptables.g"
#line 1068 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::FIN;
#line 4008 "IPTCfgParser.cpp"
#line 4011 "IPTCfgParser.cpp"
}
break;
}
@ -4012,9 +4015,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(RST);
if ( inputState->guessing==0 ) {
#line 1067 "iptables.g"
#line 1070 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::RST;
#line 4018 "IPTCfgParser.cpp"
#line 4021 "IPTCfgParser.cpp"
}
break;
}
@ -4022,9 +4025,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(URG);
if ( inputState->guessing==0 ) {
#line 1069 "iptables.g"
#line 1072 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::URG;
#line 4028 "IPTCfgParser.cpp"
#line 4031 "IPTCfgParser.cpp"
}
break;
}
@ -4032,9 +4035,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(PSH);
if ( inputState->guessing==0 ) {
#line 1071 "iptables.g"
#line 1074 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::PSH;
#line 4038 "IPTCfgParser.cpp"
#line 4041 "IPTCfgParser.cpp"
}
break;
}
@ -4042,9 +4045,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(ALL);
if ( inputState->guessing==0 ) {
#line 1073 "iptables.g"
#line 1076 "iptables.g"
importer->tmp_tcp_flag_code = 99;
#line 4048 "IPTCfgParser.cpp"
#line 4051 "IPTCfgParser.cpp"
}
break;
}
@ -4052,9 +4055,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(NONE);
if ( inputState->guessing==0 ) {
#line 1075 "iptables.g"
#line 1078 "iptables.g"
importer->tmp_tcp_flag_code = 98;
#line 4058 "IPTCfgParser.cpp"
#line 4061 "IPTCfgParser.cpp"
}
break;
}
@ -4079,20 +4082,20 @@ void IPTCfgParser::tcp_flags_list() {
try { // for error handling
if ( inputState->guessing==0 ) {
#line 1080 "iptables.g"
#line 1083 "iptables.g"
importer->tmp_tcp_flags_list.clear();
importer->tmp_tcp_flag_code = 0;
#line 4088 "IPTCfgParser.cpp"
#line 4091 "IPTCfgParser.cpp"
}
tcp_flag_word();
if ( inputState->guessing==0 ) {
#line 1085 "iptables.g"
#line 1088 "iptables.g"
importer->tmp_tcp_flags_list.push_back(importer->tmp_tcp_flag_code);
#line 4096 "IPTCfgParser.cpp"
#line 4099 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -4100,12 +4103,12 @@ void IPTCfgParser::tcp_flags_list() {
match(COMMA);
tcp_flag_word();
if ( inputState->guessing==0 ) {
#line 1090 "iptables.g"
#line 1093 "iptables.g"
importer->tmp_tcp_flags_list.push_back(
importer->tmp_tcp_flag_code);
#line 4109 "IPTCfgParser.cpp"
#line 4112 "IPTCfgParser.cpp"
}
}
else {

10
src/parsers/PIXCfgLexer.cpp
View File

@ -444,7 +444,7 @@ void PIXCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 798 "pix.g"
#line 799 "pix.g"
newline();
#line 450 "PIXCfgLexer.cpp"
}
@ -568,7 +568,7 @@ void PIXCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 793 "pix.g"
#line 794 "pix.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 574 "PIXCfgLexer.cpp"
}
@ -804,7 +804,7 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 818 "pix.g"
#line 819 "pix.g"
_ttype = IPV4;
#line 810 "PIXCfgLexer.cpp"
}
@ -907,7 +907,7 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 824 "pix.g"
#line 825 "pix.g"
_ttype = HEX_CONST;
#line 913 "PIXCfgLexer.cpp"
}
@ -928,7 +928,7 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
_loop134:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 822 "pix.g"
#line 823 "pix.g"
_ttype = INT_CONST;
#line 934 "PIXCfgLexer.cpp"
}

201
src/parsers/PIXCfgParser.cpp
View File

@ -336,7 +336,7 @@ void PIXCfgParser::intrface() {
in = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 474 "pix.g"
#line 475 "pix.g"
importer->newInterface( in->getText() );
*dbg << in->getLine() << ":"
@ -364,7 +364,7 @@ void PIXCfgParser::vlan_interface() {
vlan_id = LT(1);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 483 "pix.g"
#line 484 "pix.g"
importer->setInterfaceVlanId(vlan_id->getText());
*dbg << " VLAN: " << vlan_id->getText() << std::endl;
@ -391,7 +391,7 @@ void PIXCfgParser::sec_level() {
sec_level = LT(1);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 491 "pix.g"
#line 492 "pix.g"
importer->setInterfaceSecurityLevel(sec_level->getText());
*dbg << "SEC_LEVEL: " << sec_level->getText() << std::endl;
@ -442,7 +442,7 @@ void PIXCfgParser::nameif() {
}
}
if ( inputState->guessing==0 ) {
#line 499 "pix.g"
#line 500 "pix.g"
std::string label = (intf_label) ? intf_label->getText() : "";
std::string seclevel = (sec_level) ? sec_level->getText() : "";
@ -468,7 +468,7 @@ void PIXCfgParser::controller() {
try { // for error handling
match(CONTROLLER);
if ( inputState->guessing==0 ) {
#line 428 "pix.g"
#line 429 "pix.g"
importer->clearCurrentInterface();
consumeUntil(NEWLINE);
@ -496,11 +496,12 @@ void PIXCfgParser::access_list_commands() {
if ( inputState->guessing==0 ) {
#line 189 "pix.g"
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME );
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
#line 504 "PIXCfgParser.cpp"
#line 505 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -556,7 +557,7 @@ void PIXCfgParser::description() {
try { // for error handling
match(DESCRIPTION);
if ( inputState->guessing==0 ) {
#line 511 "pix.g"
#line 512 "pix.g"
*dbg << LT(1)->getLine() << ":";
std::string descr;
@ -569,7 +570,7 @@ void PIXCfgParser::description() {
*dbg << " DESCRIPTION " << descr << std::endl;
//consumeUntil(NEWLINE);
#line 573 "PIXCfgParser.cpp"
#line 574 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -587,13 +588,13 @@ void PIXCfgParser::shutdown() {
try { // for error handling
match(SHUTDOWN);
if ( inputState->guessing==0 ) {
#line 546 "pix.g"
#line 547 "pix.g"
importer->ignoreCurrentInterface();
*dbg<< LT(1)->getLine() << ":"
<< " INTERFACE SHUTDOWN " << std::endl;
#line 597 "PIXCfgParser.cpp"
#line 598 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -617,7 +618,7 @@ void PIXCfgParser::certificate() {
consumeUntil(NEWLINE);
consumeUntil(QUIT);
#line 621 "PIXCfgParser.cpp"
#line 622 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -639,7 +640,7 @@ void PIXCfgParser::quit() {
consumeUntil(NEWLINE);
#line 643 "PIXCfgParser.cpp"
#line 644 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -661,7 +662,7 @@ void PIXCfgParser::crypto() {
consumeUntil(NEWLINE);
#line 665 "PIXCfgParser.cpp"
#line 666 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -683,7 +684,7 @@ void PIXCfgParser::unknown_command() {
consumeUntil(NEWLINE);
#line 687 "PIXCfgParser.cpp"
#line 688 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -704,13 +705,13 @@ void PIXCfgParser::ip_access_list_ext() {
name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 206 "pix.g"
#line 207 "pix.g"
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
#line 714 "PIXCfgParser.cpp"
#line 715 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -747,12 +748,12 @@ void PIXCfgParser::ip_access_list_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 222 "pix.g"
#line 223 "pix.g"
*dbg << LT(0)->getLine() << ":"
<< " ACL line end" << std::endl << std::endl;
#line 756 "PIXCfgParser.cpp"
#line 757 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -812,7 +813,7 @@ void PIXCfgParser::community_list_command() {
consumeUntil(NEWLINE);
#line 816 "PIXCfgParser.cpp"
#line 817 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -830,23 +831,23 @@ void PIXCfgParser::permit_ext() {
try { // for error handling
match(PERMIT);
if ( inputState->guessing==0 ) {
#line 230 "pix.g"
#line 231 "pix.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "permit";
*dbg << LT(1)->getLine() << ":" << " permit ";
#line 841 "PIXCfgParser.cpp"
#line 842 "PIXCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 237 "pix.g"
#line 238 "pix.g"
importer->pushRule();
#line 850 "PIXCfgParser.cpp"
#line 851 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -864,23 +865,23 @@ void PIXCfgParser::deny_ext() {
try { // for error handling
match(DENY);
if ( inputState->guessing==0 ) {
#line 243 "pix.g"
#line 244 "pix.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "deny";
*dbg << LT(1)->getLine() << ":" << " deny ";
#line 875 "PIXCfgParser.cpp"
#line 876 "PIXCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 250 "pix.g"
#line 251 "pix.g"
importer->pushRule();
#line 884 "PIXCfgParser.cpp"
#line 885 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -898,7 +899,7 @@ void PIXCfgParser::remark() {
try { // for error handling
match(REMARK);
if ( inputState->guessing==0 ) {
#line 531 "pix.g"
#line 532 "pix.g"
*dbg << LT(1)->getLine() << ":";
std::string rem;
@ -911,7 +912,7 @@ void PIXCfgParser::remark() {
*dbg << " REMARK " << rem << std::endl;
//consumeUntil(NEWLINE);
#line 915 "PIXCfgParser.cpp"
#line 916 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -935,15 +936,15 @@ void PIXCfgParser::rule_ext() {
ip_protocols();
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 260 "pix.g"
#line 261 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 941 "PIXCfgParser.cpp"
#line 942 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 261 "pix.g"
#line 262 "pix.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 947 "PIXCfgParser.cpp"
#line 948 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1008,24 +1009,24 @@ void PIXCfgParser::rule_ext() {
{
match(ICMP);
if ( inputState->guessing==0 ) {
#line 267 "pix.g"
#line 268 "pix.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1017 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 271 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1023 "PIXCfgParser.cpp"
#line 1018 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 272 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1024 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 273 "pix.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 1029 "PIXCfgParser.cpp"
#line 1030 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1130,18 +1131,18 @@ void PIXCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 279 "pix.g"
#line 280 "pix.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1139 "PIXCfgParser.cpp"
#line 1140 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 283 "pix.g"
#line 284 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1145 "PIXCfgParser.cpp"
#line 1146 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1153,9 +1154,9 @@ void PIXCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 284 "pix.g"
#line 285 "pix.g"
importer->SaveTmpPortToSrc();
#line 1159 "PIXCfgParser.cpp"
#line 1160 "PIXCfgParser.cpp"
}
break;
}
@ -1173,9 +1174,9 @@ void PIXCfgParser::rule_ext() {
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 285 "pix.g"
#line 286 "pix.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 1179 "PIXCfgParser.cpp"
#line 1180 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1187,9 +1188,9 @@ void PIXCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 286 "pix.g"
#line 287 "pix.g"
importer->SaveTmpPortToDst();
#line 1193 "PIXCfgParser.cpp"
#line 1194 "PIXCfgParser.cpp"
}
break;
}
@ -1295,11 +1296,11 @@ void PIXCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 292 "pix.g"
#line 293 "pix.g"
*dbg << std::endl;
#line 1303 "PIXCfgParser.cpp"
#line 1304 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1334,12 +1335,12 @@ void PIXCfgParser::ip_protocols() {
}
}
if ( inputState->guessing==0 ) {
#line 300 "pix.g"
#line 301 "pix.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1343 "PIXCfgParser.cpp"
#line 1344 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1367,13 +1368,13 @@ void PIXCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 352 "pix.g"
#line 353 "pix.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1377 "PIXCfgParser.cpp"
#line 1378 "PIXCfgParser.cpp"
}
break;
}
@ -1386,13 +1387,13 @@ void PIXCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 359 "pix.g"
#line 360 "pix.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1396 "PIXCfgParser.cpp"
#line 1397 "PIXCfgParser.cpp"
}
break;
}
@ -1400,13 +1401,13 @@ void PIXCfgParser::hostaddr_ext() {
{
match(ANY);
if ( inputState->guessing==0 ) {
#line 366 "pix.g"
#line 367 "pix.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1410 "PIXCfgParser.cpp"
#line 1411 "PIXCfgParser.cpp"
}
break;
}
@ -1434,12 +1435,12 @@ void PIXCfgParser::time_range() {
tr_name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 418 "pix.g"
#line 419 "pix.g"
importer->time_range_name = tr_name->getText();
*dbg << "time_range " << tr_name->getText() << " ";
#line 1443 "PIXCfgParser.cpp"
#line 1444 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1457,12 +1458,12 @@ void PIXCfgParser::fragments() {
try { // for error handling
match(FRAGMENTS);
if ( inputState->guessing==0 ) {
#line 411 "pix.g"
#line 412 "pix.g"
importer->fragments = true;
*dbg << "fragments ";
#line 1466 "PIXCfgParser.cpp"
#line 1467 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1497,12 +1498,12 @@ void PIXCfgParser::log() {
}
}
if ( inputState->guessing==0 ) {
#line 397 "pix.g"
#line 398 "pix.g"
importer->logging = true;
*dbg << "logging ";
#line 1506 "PIXCfgParser.cpp"
#line 1507 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1532,7 +1533,7 @@ void PIXCfgParser::icmp_spec() {
match(INT_CONST);
}
if ( inputState->guessing==0 ) {
#line 308 "pix.g"
#line 309 "pix.g"
importer->icmp_type = icmp_type->getText();
importer->icmp_code = icmp_code->getText();
@ -1540,7 +1541,7 @@ void PIXCfgParser::icmp_spec() {
*dbg << icmp_type->getText() << " "
<< icmp_code->getText() << " ";
#line 1544 "PIXCfgParser.cpp"
#line 1545 "PIXCfgParser.cpp"
}
break;
}
@ -1549,12 +1550,12 @@ void PIXCfgParser::icmp_spec() {
icmp_word = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 317 "pix.g"
#line 318 "pix.g"
importer->icmp_spec = icmp_word->getText();
*dbg << icmp_word->getText() << " ";
#line 1558 "PIXCfgParser.cpp"
#line 1559 "PIXCfgParser.cpp"
}
break;
}
@ -1613,12 +1614,12 @@ void PIXCfgParser::established() {
try { // for error handling
match(ESTABLISHED);
if ( inputState->guessing==0 ) {
#line 404 "pix.g"
#line 405 "pix.g"
importer->established = true;
*dbg << "established ";
#line 1622 "PIXCfgParser.cpp"
#line 1623 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1663,12 +1664,12 @@ void PIXCfgParser::single_port_op() {
}
}
if ( inputState->guessing==0 ) {
#line 328 "pix.g"
#line 329 "pix.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1672 "PIXCfgParser.cpp"
#line 1673 "PIXCfgParser.cpp"
}
port_spec();
}
@ -1687,12 +1688,12 @@ void PIXCfgParser::port_range() {
try { // for error handling
match(P_RANGE);
if ( inputState->guessing==0 ) {
#line 336 "pix.g"
#line 337 "pix.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1696 "PIXCfgParser.cpp"
#line 1697 "PIXCfgParser.cpp"
}
port_spec();
port_spec();
@ -1729,12 +1730,12 @@ void PIXCfgParser::port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 344 "pix.g"
#line 345 "pix.g"
importer->tmp_port_spec += (std::string(" ") + LT(0)->getText());
*dbg << LT(0)->getText() << " ";
#line 1738 "PIXCfgParser.cpp"
#line 1739 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1759,13 +1760,13 @@ void PIXCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 375 "pix.g"
#line 376 "pix.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1769 "PIXCfgParser.cpp"
#line 1770 "PIXCfgParser.cpp"
}
}
else if ((LA(1) == IPV4) && (LA(2) == IPV4)) {
@ -1776,25 +1777,25 @@ void PIXCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 382 "pix.g"
#line 383 "pix.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1786 "PIXCfgParser.cpp"
#line 1787 "PIXCfgParser.cpp"
}
}
else if ((LA(1) == ANY)) {
match(ANY);
if ( inputState->guessing==0 ) {
#line 389 "pix.g"
#line 390 "pix.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1798 "PIXCfgParser.cpp"
#line 1799 "PIXCfgParser.cpp"
}
}
else {
@ -1856,10 +1857,10 @@ void PIXCfgParser::switchport() {
vlan_num = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 652 "pix.g"
#line 653 "pix.g"
#line 1863 "PIXCfgParser.cpp"
#line 1864 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1936,7 +1937,7 @@ void PIXCfgParser::v6_dhcp_address() {
dhcp = LT(1);
match(DHCP);
if ( inputState->guessing==0 ) {
#line 590 "pix.g"
#line 591 "pix.g"
std::string label = lbl->getText();
std::string addr = dhcp->getText();
@ -1947,7 +1948,7 @@ void PIXCfgParser::v6_dhcp_address() {
// which we do not support
consumeUntil(NEWLINE);
#line 1951 "PIXCfgParser.cpp"
#line 1952 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1973,7 +1974,7 @@ void PIXCfgParser::v6_static_address() {
m = LT(1);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 603 "pix.g"
#line 604 "pix.g"
std::string label = lbl->getText();
std::string addr = a->getText();
@ -1984,7 +1985,7 @@ void PIXCfgParser::v6_static_address() {
// in case there are some other parameters after address and netmask
consumeUntil(NEWLINE);
#line 1988 "PIXCfgParser.cpp"
#line 1989 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2004,7 +2005,7 @@ void PIXCfgParser::v7_dhcp_address() {
dhcp = LT(1);
match(DHCP);
if ( inputState->guessing==0 ) {
#line 620 "pix.g"
#line 621 "pix.g"
std::string addr = dhcp->getText();
importer->addInterfaceAddress(addr, "");
@ -2012,7 +2013,7 @@ void PIXCfgParser::v7_dhcp_address() {
<< " INTRFACE ADDRESS: " << addr << std::endl;
consumeUntil(NEWLINE);
#line 2016 "PIXCfgParser.cpp"
#line 2017 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2054,7 +2055,7 @@ void PIXCfgParser::v7_static_address() {
}
}
if ( inputState->guessing==0 ) {
#line 631 "pix.g"
#line 632 "pix.g"
std::string addr = a->getText();
std::string netm = m->getText();
@ -2071,7 +2072,7 @@ void PIXCfgParser::v7_static_address() {
}
consumeUntil(NEWLINE);
#line 2075 "PIXCfgParser.cpp"
#line 2076 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2099,7 +2100,7 @@ void PIXCfgParser::access_group_by_name() {
intf_label = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 659 "pix.g"
#line 660 "pix.g"
importer->setInterfaceAndDirectionForRuleSet(
acln->getText(),
@ -2110,7 +2111,7 @@ void PIXCfgParser::access_group_by_name() {
<< " " << intf_label->getText()
<< " " << dir->getText() << std::endl;
#line 2114 "PIXCfgParser.cpp"
#line 2115 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {

5
src/parsers/iosacl.g
View File

@ -174,7 +174,8 @@ hostname : HOSTNAME ( STRING | WORD )
//
access_list_commands : ACCESS_LIST acl_num:INT_CONST
{
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME);
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
}
@ -195,7 +196,7 @@ access_list_commands : ACCESS_LIST acl_num:INT_CONST
ip_access_list_ext : ACCESS_LIST EXTENDED name:WORD
{
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
}

5
src/parsers/iptables.g
View File

@ -158,7 +158,10 @@ chain_def : (INPUT | FORWARD | OUTPUT | PREROUTING | POSTROUTING | WORD)
create_chain : COLON chain_def
{
importer->newUnidirRuleSet(LT(0)->getText());
if (importer->current_table=="nat")
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::NAT::TYPENAME);
else
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::Policy::TYPENAME);
*dbg << "NEW CHAIN " << LT(0)->getText() << std::endl;
}
(WORD | MINUS)

5
src/parsers/pix.g
View File

@ -187,7 +187,8 @@ hostname : HOSTNAME ( STRING | WORD )
//
access_list_commands : ACCESS_LIST acl_num:INT_CONST
{
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME );
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
}
@ -204,7 +205,7 @@ access_list_commands : ACCESS_LIST acl_num:INT_CONST
ip_access_list_ext : ACCESS_LIST name:WORD
{
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
}