5 Parse the config file for lokkit from system-config-firewall
8 let comment = Util.comment
11 let spc = Util.del_ws_spc
12 let dels = Util.del_str
14 let eq = del /[ \t=]+/ "="
15 let token = store /[a-zA-Z0-9][a-zA-Z0-9-]*/
17 let long_opt (n:regexp) =
18 [ dels "--" . key n . eq . token . eol ]
21 [ dels "--" . key n . eol ]
23 let option (l:string) (s:string) =
24 del ("--" . l | "-" . s) ("--" . l) . label l . eq
26 let opt (l:string) (s:string) =
27 [ option l s . token . eol ]
30 -t <interface>, --trust=<interface>
33 [ option "trust" "t" . store Rx.device_name . eol ]
36 -p <port>[-<port>]:<protocol>, --port=<port>[-<port>]:<protocol>
39 let portnum = store /[0-9]+/ in
41 [ label "start" . portnum ] .
42 (dels "-" . [ label "end" . portnum])? .
43 dels ":" . [ label "protocol" . token ] . eol ]
45 (* custom_rules directive
46 --custom-rules=[<type>:][<table>:]<filename>
49 let types = store /ipv4|ipv6/ in
50 let tables = store /mangle|nat|filter/ in
51 let filename = store /[^ \t\n:=][^ \t\n:]*/ in
52 [ dels "--custom-rules" . label "custom-rules" . eq .
53 [ label "type" . types . dels ":" ]? .
54 [ label "table" . tables . dels ":"]? .
57 (* forward_port directive
58 --forward-port=if=<interface>:port=<port>:proto=<protocol>[:toport=<destination port>][:toaddr=<destination address>]
61 let elem (n:string) (v:lens) =
63 let ipaddr = store /[0-9.]+/ in
64 let colon = dels ":" in
65 [ dels "--forward-port" . label "forward-port" . eq .
66 elem "if" token . colon .
67 elem "port" token . colon .
69 (colon . elem "toport" token)? .
70 (colon . elem "toaddr" ipaddr)? . eol ]
73 long_opt /selinux|selinuxtype|addmodule|removemodule|block-icmp/
74 |flag /enabled|disabled/
82 let lns = (comment|empty|entry)*
84 let xfm = transform lns (incl "/etc/sysconfig/system-config-firewall")