Commit 45af744d22cf3eb661a7644b75f505989b25109d

  • Tree SHA1: 6b02f0e
  • Parent SHA1: c2458d2 (Add method to grammar to return a hash of the parsed data. Add tests to make sure we're interpreting things correctly.)
Added "all" protocol to the grammar, reworked some of the tests and started adding tests for converting ript rules to actual iptables rules.
  
4343 end
4444
4545 rule proto
46 ( "tcp" / "udp" / "icmp" ) s?
46 ( "tcp" / "udp" / "icmp" / "all" ) s?
4747 end
4848
4949 rule state
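--- a/ript.rb
+++ b/ript.rb
@@ -0,0 +1,41 @@
+require 'treetop'
+
+module IPTables
+ class Ript
+ def initialize
+ Treetop.load "iptables"
+ @parser = IPTablesParser.new
+ end
+
+ def parse(str)
+ @parser.parse(str).eval
+ end
+
+ def convert(str)
+ data = self.parse str
+
+ string = String.new
+ string << "iptables" << " "
+
+ string << "-A "
+ string << data['target'].upcase << " "
+
+ action_map = {
+ 'allow' => 'ACCEPT',
+ 'deny' => 'DROP',
+ 'reject' => 'REJECT',
+ 'log' => 'LOG',
+ }
+
+ action = action_map[ data['action'] ]
+
+ string << "-j " << action << " "
+
+ string << "-s " << data['src_ip'] << " "
+
+ string << "-d " << data['dst_ip']
+
+ string
+ end
+ end
+end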
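Review bot: `convert` writes only `-A`, `-j`, `-s` and `-d`, so any protocol, port or state that the grammar accepts is left out of the generated rule, which then matches more traffic than the ript rule asked for. As far as the visible code shows, an input like `forward allow 10.0.0.0/8 to 192.168.0.1:8080 udp tcp state` (from test.rb) would come out as an ACCEPT with no protocol or port restriction. Until those fields are translated, it would be safer for `convert` to raise on a parsed rule carrying a field it does not emit than to return the broader rule. `test_convert` in test.rb only covers bare addresses with `all`, so this case is not pinned by a test. Two smaller gaps in the same file: Treetop's `parse` returns nil for input the grammar rejects, so `@parser.parse(str).eval` fails with a NoMethodError, and `action_map[ data['action'] ]` yields nil for an unmapped action, which `string <<` rejects with a TypeError; `action = action_map.fetch(data['action'])` and an explicit nil check in `parse` would give callers a clear error.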
test.rb
(23 / 6)
  
11require 'test/unit'
22require 'treetop'
3Treetop.load "iptables"
3require 'ript'
44
55class IPTablesParserTest < Test::Unit::TestCase
66 def setup
7 @parser = IPTablesParser.new
7 @ript = IPTables::Ript.new
88
99 @test_data = Hash.new
1010
2727 end
2828
2929 def test_parses_okay
30 assert_not_nil @parser.parse "forward allow 10.0.0.0/8 to 192.168.0.1:8080 udp tcp state"
31 assert_not_nil @parser.parse "forward log 10.0.0.0:8 to 192.168.0.1/32 udp icmp tcp"
32 assert_not_nil @parser.parse "forward log 10.0.0.0:8 to 192.168.0.1 tcp state"
30 assert_not_nil @ript.parse "forward allow 10.0.0.0/8 to 192.168.0.1:8080 udp tcp state"
31 assert_not_nil @ript.parse "forward log 10.0.0.0:8 to 192.168.0.1/32 udp icmp tcp"
32 assert_not_nil @ript.parse "forward log 10.0.0.0:8 to 192.168.0.1 tcp state"
33 assert_not_nil @ript.parse "forward deny 10.0.0.0 to 192.168.0.1 all"
34 assert_not_nil @ript.parse "forward allow 10.0.0.0 to 192.168.0.1 all"
3335 end
3436
3537 def test_results
3638 @test_data.each_key do |t|
37 assert_equal @test_data[t], @parser.parse(t).eval
39 assert_equal @test_data[t], @ript.parse(t)
3840 end
41 end
42
43 def test_convert
44 assert_equal "iptables -A FORWARD -j ACCEPT -s 10.0.0.0 -d 192.168.0.1",
45 @ript.convert("forward allow 10.0.0.0 to 192.168.0.1 all")
46
47 assert_equal "iptables -A FORWARD -j DROP -s 10.0.0.0 -d 192.168.0.1",
48 @ript.convert("forward deny 10.0.0.0 to 192.168.0.1 all")
49
50 assert_equal "iptables -A FORWARD -j REJECT -s 10.0.0.0 -d 192.168.0.1",
51 @ript.convert("forward reject 10.0.0.0 to 192.168.0.1 all")
52
53 assert_equal "iptables -A FORWARD -j LOG -s 10.0.0.0 -d 192.168.0.1",
54 @ript.convert("forward log 10.0.0.0 to 192.168.0.1 all")
55
3956 end
4057end