def translate(self):
decr = False
if self.type == Flow_action.NAT:
self.caction = Flow_action(self.type, len(self.args))
argtype = action_info(self.type)[ARG_IDX]
check_fn = pred_type_info(argtype)[CHECK_IDX]
if not self.caction.set_arg(0, check_fn(self.args[0], True)):
raise Exception('Cannot set action argument.')
# if dladdr given, set
if len(self.args) > 1:
self.caction.set_arg(1, create_eaddr(self.args[1].encode('utf-8')).hb_long())
elif self.type == Flow_action.WAYPOINT:
argtype = action_info(self.type)[ARG_IDX]
check_fn = pred_type_info(argtype)[CHECK_IDX]
self.caction = Flow_action(self.type, len(self.args))
if self.caction is None:
raise Exception('Out of memory.')
args = [ check_fn(arg, True) for arg in self.args ]
for i in xrange(len(args)):
arg = args[i]
self.to_decrement.append(arg)
if not self.caction.set_arg(i, args[i]):
raise Exception('Cannot set action argument.')
else:
self.caction = Flow_action(self.type)
if self.caction is None:
raise Exception('Out of memory.')
if len(self.args) > 0:
if self.type == Flow_action.C_FUNC:
slist = strlist()
fn = self.args[0].encode('utf-8')
for ar in self.args[1:]:
slist.push_back(ar.encode('utf-8'))
success = __policy__.flow_util.set_action_argument(self.caction, fn, slist)
else:
argtype = action_info(self.type)[ARG_IDX]
if argtype == LOC_T or argtype == HOST_T or argtype == USER_T or argtype == GROUP_T:
decr = True
check_fn = pred_type_info(argtype)[CHECK_IDX]
a = check_fn(self.args[0], True)
if decr:
self.to_decrement.append(a)
success = self.caction.set_arg(a)
if not success:
raise Exception('Cannot set action argument.')
class PyAction:
"SEPL Action Representation"
def __init__(self, atype, args):
self.type = atype
self.args = args
self.caction = None
self.to_decrement = []
if self.type is None:
self.args.sort(PyAction.deep_cmp)
def deep_cmp(self, other):
if not isinstance(other, PyAction):
return 1
if self.type is None or other.type is None:
if self.type is None:
this = self.args
else:
this = [self]
if other.type is None:
other = other.args
else:
other = [other]
for i in xrange(len(this)):
if i > len(other):
return 1
c = this[i].deep_cmp(other[i])
if c != 0:
return c
if len(other) > len(this):
return -1
if self.type < other.type:
return -1
elif self.type > other.type:
return 1
return cmp(self.args, other.args)
def renamed(self, t, old_name, new_name, subtype):
if self.type is None:
ret = False
for i in xrange(0,len(self.args)):
if self.args[i].renamed(t, old_name, new_name, subtype):
ret = True
return ret
ret = False
if len(self.args) > 0:
argtype = action_info(self.type)[ARG_IDX]
if argtype == t:
for i in xrange(0,len(self.args)):
if self.args[i] == old_name:
self.args[i] = new_name
ret = True
elif argtype == TLOC_T and t == LOC_T:
for i in xrange(0,len(self.args)):
if self.args[i][0] == old_name:
self.args[i][0] = new_name
ret = True
break #NAT rule only uses TLOC and now second arg is mac, not list of loc
return ret
def translate(self):
decr = False
if self.type == Flow_action.NAT:
self.caction = Flow_action(self.type, len(self.args))
argtype = action_info(self.type)[ARG_IDX]
check_fn = pred_type_info(argtype)[CHECK_IDX]
if not self.caction.set_arg(0, check_fn(self.args[0], True)):
raise Exception('Cannot set action argument.')
# if dladdr given, set
if len(self.args) > 1:
self.caction.set_arg(1, create_eaddr(self.args[1].encode('utf-8')).hb_long())
elif self.type == Flow_action.WAYPOINT:
argtype = action_info(self.type)[ARG_IDX]
check_fn = pred_type_info(argtype)[CHECK_IDX]
self.caction = Flow_action(self.type, len(self.args))
if self.caction is None:
raise Exception('Out of memory.')
args = [ check_fn(arg, True) for arg in self.args ]
for i in xrange(len(args)):
arg = args[i]
self.to_decrement.append(arg)
if not self.caction.set_arg(i, args[i]):
raise Exception('Cannot set action argument.')
else:
self.caction = Flow_action(self.type)
if self.caction is None:
raise Exception('Out of memory.')
if len(self.args) > 0:
if self.type == Flow_action.C_FUNC:
slist = strlist()
fn = self.args[0].encode('utf-8')
for ar in self.args[1:]:
slist.push_back(ar.encode('utf-8'))
success = __policy__.flow_util.set_action_argument(self.caction, fn, slist)
else:
argtype = action_info(self.type)[ARG_IDX]
if argtype == LOC_T or argtype == HOST_T or argtype == USER_T or argtype == GROUP_T:
decr = True
check_fn = pred_type_info(argtype)[CHECK_IDX]
a = check_fn(self.args[0], True)
if decr:
self.to_decrement.append(a)
success = self.caction.set_arg(a)
if not success:
raise Exception('Cannot set action argument.')
def decrement_ids(self):
global __policy__
if self.type is None:
for arg in self.args:
arg.decrement_ids()
else:
for id in self.to_decrement:
__policy__.authenticator.decrement_id(id)
self.to_decrement = []
def __le__(self, cond):
if isinstance(cond, bool):
cond = PyComplexPred(cond)
elif not isinstance(cond, PyComplexPred):
raise Exception('SEPL rule should be created with a predicate expression')
if self.type is None:
return PyRule(cond, self.args)
return PyRule(cond, [self])
def ustr(self):
if self.type is None:
return unicode('compose(' + ', '.join([action.ustr() for action in self.args]) + ')')
if self.type == Flow_action.C_FUNC and __supported_fns__.has_key(self.args[0]):
return unicode(self.args[0] + '(' + ', '.join(['\'' + a + '\'' for a in self.args[1:]]) + ')')
s = __actions__[self.type][0] + '('
if self.type == Flow_action.WAYPOINT or self.type == Flow_action.PY_FUNC or self.type == Flow_action.C_FUNC:
argstr = ', '.join(['\'' + a + '\'' for a in self.args])
s = s + argstr
elif self.type == Flow_action.NAT:
s = s + '\'' + self.args[0][0] + '\''
if len(self.args) > 1:
s = s + ', \'' + self.args[1] + '\''
s = s + ')'
return unicode(s)
