def build(self, value):
proto = self.str_resolve(value).lower()
if proto in ('', 'all', 'any'):
if self.negated:
raise YipSyntaxError(self, f"Can't negate the '{proto}' proto")
return
if proto not in ('tcp', 'udp', 'icmp'):
raise YipSyntaxError(self, f'Unknown protocol: `{proto}`')
self.add_target(' '.join(self.tneg + ['-p', proto]), k=2)
def check(self, typemap):
if not hasattr(self, 'conflicts'):
return
for confl_type in self.conflicts:
ilist = typemap.get(confl_type)
if ilist and any(e is not self for e in ilist):
raise YipSyntaxError(self,
f'{confl_type} conflicts with {self}')
def yip_ld_iter(ld):
if isinstance(ld, list):
for e in ld:
yield from yip_ld_iter(e)
elif isinstance(ld, dict):
yield from ld.items()
else:
raise YipSyntaxError(ld, f'Cannot iterate as dict on: {ld}')
def assign(f):
for fname in fnames:
if fname in self.fmap:
raise YipSyntaxError(
fname,
f'feature token `{fname}` was'
f'used multiple times'
)
self.fmap[fname] = f
return f
def yip_get_single_var(scope, string):
if not isinstance(string, str):
return None
match = re.match(simple_format, string)
if match:
vname = match.group(1)
lookup_res = scope.get(vname)
if lookup_res is None:
raise YipSyntaxError(string, f'Undefined variable `{vname}`')
return lookup_res
return None
def build(self, value):
rval = self.str_resolve(value)
comment = rval.strip().split()
target = comment.pop(0).upper()
if target not in self.rule.table.chains:
raise YipSyntaxError(rval, f'Undefined target: {target}')
self.add_target(f'-j {target}', k=1)
if comment:
self.add_dep('comment')
comment.insert(0, target.capitalize())
com_body = ' '.join(comment)
self.add_target('--comment "%s"' % com_body.replace('"', '\\"'))
def build(self, ovalue):
value = self.resolve(ovalue)
if isinstance(value, int):
val = str(value)
elif isinstance(value, str):
if value.lower() == 'all':
val = '255'
else:
val = str(int(value))
else:
raise YipSyntaxError(
self, f"icmp-type requires a numeric parameter "
f"or 'all', got: `{ovalue}`")
self.add_target(' '.join(['--icmp-type'] + self.tneg + [val]))
def build(self, node):
assert (hasmeta(node))
self.node = node
node_scope = self.scope.rule
node_scope.get_vars(node, None, self.scope, node_scope, to_rule=True)
for fname, val in node_scope.items():
if fname not in feature_map:
raise YipSyntaxError(fname, f'Unknown feature: {fname}')
isnot = isinstance(val, Not)
target = feature_map[fname](self, negated=isnot)
self.targets.append(target)
target.build(val.value if isnot else val)
tm = TypeMap(self.targets)
for target in self.targets:
target.check(tm)
self.tokens.sort(key=lambda x: x[0])
self.check()
def yip_stringize(e):
if not any(map(lambda x: isinstance(e, x), (int, str))):
raise YipSyntaxError(e, f'Element is not a string: {e}')
return str(e)
def check(self):
if self.chain is None:
raise YipSyntaxError(self, 'missing chain in rule')