This file looks large and may slow your browser down if we attempt
to syntax highlight it, so we are showing it without any
pretty colors.
Highlight
it anyway.
| 1 |
grammar IPTables |
| 2 |
rule exp |
| 3 |
target s action s src:ip s 'to' s dst:ip s proto:proto+ state:state? { |
| 4 |
def eval |
| 5 |
ds = Hash.new |
| 6 |
ds['target'] = target.text_value.to_s |
| 7 |
ds['action'] = action.text_value.to_s |
| 8 |
ds['src_ip'] = src.text_value.to_s |
| 9 |
ds['dst_ip'] = dst.text_value.to_s |
| 10 |
ds['proto'] = proto.text_value.to_s.strip |
| 11 |
ds['state'] = state.text_value.to_s if defined?(state) |
| 12 |
ds |
| 13 |
end |
| 14 |
} |
| 15 |
end |
| 16 |
|
| 17 |
rule s |
| 18 |
' '* |
| 19 |
end |
| 20 |
|
| 21 |
rule action |
| 22 |
"allow" / "deny" / "reject" / "log" |
| 23 |
end |
| 24 |
|
| 25 |
rule target |
| 26 |
"forward" / "input" / "output" |
| 27 |
end |
| 28 |
|
| 29 |
rule ip |
| 30 |
ip_address ':' port / ip_address |
| 31 |
end |
| 32 |
|
| 33 |
rule ip_address |
| 34 |
octet '.' octet '.' octet '.' octet '/'? octet? |
| 35 |
end |
| 36 |
|
| 37 |
rule port |
| 38 |
[0-9]+ |
| 39 |
end |
| 40 |
|
| 41 |
rule octet |
| 42 |
[0-9]+ |
| 43 |
end |
| 44 |
|
| 45 |
rule proto |
| 46 |
( "tcp" / "udp" / "icmp" / "all" ) s? |
| 47 |
end |
| 48 |
|
| 49 |
rule state |
| 50 |
"state" |
| 51 |
end |
| 52 |
|
| 53 |
end |
