def prefix(self, ast): try: prefix = ipaddr.IPNetwork(ast) if not prefix.ip == prefix.network: raise FailedSemantics('Not a valid IP address or prefix!') except: raise FailedSemantics('Not a valid IP address or prefix!') return ast
def selector_name(self, ast): # print("selector_name", ast) if get_selector(ast.name) is None: from grako.exceptions import FailedSemantics e = FailedSemantics("\"%s\" is not a selector name" % ast.name) e.pos = ast.parseinfo.pos e.endpos = ast.parseinfo.endpos raise e return _SelectorName(ast.name)
def check_wspre(self, ast): ctx = self._context with self._state() as state: wspre_off = state.peek_at("wspre_off") if wspre_off is True: raise FailedSemantics("wspre off") return ast
def embedded_scheme_error(self, ast): pinfo = ast.parseinfo buf = pinfo.buffer fname = buf.filename line = buf.line_info(pinfo.pos).line raise FailedSemantics( "Error parsing embedded scheme (unbalanced parentheses?)")
def state_expr(self, ast): if not self._protocol == "tcp": raise FailedSemantics('Only TCP entries can be stateful') if ast == "stateful": return True else: return False
def regex(self, ast, *args): pattern = ast try: re.compile(pattern, RE_FLAGS) except (TypeError, re.error) as e: raise FailedSemantics('regexp error: ' + str(e)) return pattern
def port_range(self, ast): low = 0 if ast[0] == "-" else int(ast[0]) high = 65535 if ast[1] == "-" else int(ast[1]) if low > high: raise FailedSemantics('First port cannot be higher than second \ port in a range expression') sys.exit(2) return [low, high]
def protocol_expr(self, ast): if "icmp" in ast: self._protocol = "icmp" elif ast in ["tcp", "tcpudp", "udp", "any"]: self._protocol = str(ast) else: raise FailedSemantics('No idea what protocol we are dealing with here') return ast
def endpoint_tuple(self, ast): # when port specifications are omitted any is assumed if self._protocol not in ["tcp", "tcpudp", "udp"] and ast['l4'] is not None: raise FailedSemantics('Cannot combine layer 4 information (ports) with ICMP protocol') if not ast['l4']: ast['l4'] = {} ast['l4']['ports'] = ["any"] return ast
def check_bol_skip(self, ast): ctx = self._context with self._state() as state: bol_skip = state.get("bol_skip", None) if bol_skip is None: return bol_skip_re = "".join(bol_skip) if not ctx._buffer.matchre(bol_skip_re): raise FailedSemantics("begin of line skip reject") return ast
def check_ifnot(self, ast): ctx = self._context with self._state() as state: ifnot_re = state.peek_at("ifnot") if ifnot_re is None: return # FIXME: ctx._buffer vs ctx.buf (ModelContext) if ctx._buffer.matchre(ifnot_re): raise FailedSemantics("inline ifnot negative lookahead reject") return ast
def check_no(self, ast): ctx = self._context with self._state() as state: no_list = state.get_list("no") if len(no_list) == 0: return # As the no list may use regex flags, we must check separately. for item in no_list: # FIXME: ctx._buffer vs ctx.buf (ModelContext) if ctx._buffer.matchre(item): raise FailedSemantics("inline negative lookahead reject") return ast
def find_matches(self, session, models, results, ordered): f = get_selector(self.name) if f: from ..objects import Objects if isinstance(f, Objects): results.combine(f) else: try: f(session, models, results) except Exception: session.logger.report_exception(preface="Error executing selector '%s'" % self.name) from grako.exceptions import FailedSemantics raise FailedSemantics("error evaluating selector %s" % self.name)
def token(self, ast, *args): token = eval_escapes(ast) if not token: raise FailedSemantics('empty token') return grammars.Token(token)
def ul_marker(self, ast): ctx = self._context if ctx._state is not None: if not ctx.buf.match("*" * ctx._state): raise FailedSemantics("not at correct level") return ast
def known_name(self, name): if name not in self.rules: raise FailedSemantics('rule "%s" not yet defined' % str(name)) return name
def new_name(self, name): if name in self.rules: raise FailedSemantics('rule "%s" already defined' % str(name)) return name
def NAME(self, ast): if ast.lower() in self.keywords: raise FailedSemantics("'{}' is a keyword.".format(ast)) return ast
def icmp_number(self, ast): if 0 <= int(ast) < 255: return int(ast) else: raise FailedSemantics('ICMP code/type must be between 0 and 255')
def port_number(self, ast): if not 0 < ast < 2 ** 16: raise FailedSemantics('Port number must be between 0 and 2^16') return ast
def token(self, ast, *args): token = ast if not token: raise FailedSemantics('empty token') return grammars.Token(token)
def NAME(self, ast): # type: (Any) -> _Result if ast.lower() in self.keywords: raise FailedSemantics("'{}' is a keyword.".format(ast)) return ast