Iptable (Verified Network Configuration VeriNeC 0.0.1 API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

verinec.importer.parser.iptables
Class Iptable

java.lang.Object
  verinec.importer.parser.iptables.Iptable

public class Iptable
extends Object
extends Object

The Iptable class represents a table of the iptable configuration.

The class constructs VeriNeC <packet-filter-chain> XML elements.

Author:: geraldine.antener at unifr.ch

Field Summary
`Vector`	`chains` Result of Iptable(): a Vector containing the generated <packet-filter-chain> elements
`Hashtable`	`chainTable` A table mapping chainnames to chain ids
`private ImporterEnvironment`	`config`
`private String`	`currentChainId` Id of chain currently being generated.
`private String`	`currentChainName` Name of chain currently being generated.
`private int`	`currentRule` Number of the rule in the chain generated at the moment
`private Hashtable`	`interfaceTable` The table containing the ids of the interface names -> local copy of the ImporterEnvironments interfacesTable
`private Lexer`	`lexer` data of the lexical analysis of the String iptdata
`private Logger`	`log` Debugging.
`private Parser`	`parser` data of the parsed String iptdata

Constructor Summary
`Iptable(String iptdata, ImporterEnvironment config)` constructor calls lexer and parser calls GenerateTable which initialises the traversation of the parse tree and the generation of the XML elements

Method Summary
`private static String`	`field2class(int fieldvalue)` Convert the integer field value to ecn class names.
`Element`	`generateActionList(Parser.RuleParserToken rule)` Generate a VeriNeC <packet-action-list> XML element
`Element`	`generateChain(Parser.ChainParserToken pchain)` Generate a VeriNeC <packet-filter-chain> XML element
`Element`	`generateDsfield(Enumeration poptions)` Generate a VeriNeC <match-dsfield> XML element
`Element`	`generateFlags(Parser.TcpFlagOptionParserToken pflags)` Generate a VeriNeC <match-tcp-flags> XML element
`Element`	`generateIpEcn(Enumeration poptions)` Generate a VeriNeC <match-ecnfield> XML element
`Element`	`generateLog(Enumeration poptions)` Generate a log attribute level
`Element`	`generateMatchAddr(Parser.AddressParserToken paddr, String type)` Generate a VeriNeC <match-source> or <match-destination> XML element The type is match-ipnet.
`Element`	`generateMatchIcmp(Enumeration poptions, boolean negate)` Generate a VeriNeC <match-icmp> XML element
`Content`	`generateMatchInterface(Parser.InterfaceParserToken pif, String direction)` Generate a VeriNeC <match-interface> XML element
`Element`	`generateMatchIpv4(Parser.RuleParserToken rule)` Generate a VeriNeC <match-ipv4> XML element
`Element`	`generateMatchList(Parser.RuleParserToken rule)` tagGenerate a VeriNeC <packet-match-list> XML element
`Element`	`generateMatchMac(Enumeration poptions)` Generate a VeriNeC <match-mac> XML element
`Element`	`generateMatchStates(Enumeration poptions)` Generate a VeriNeC <match-state> XML element
`Element`	`generateMatchTcp(Enumeration poptions, boolean negate)` Generate a VeriNeC <match-tcp> XML element
`Element`	`generateMatchUdp(Enumeration poptions, boolean negate)` Generate a VeriNeC <match-udp> XML element
`Element`	`generatePolicy(Parser.ParenthesisParserToken para)` Generate a VeriNeC <default-policy> XML element
`Element`	`generatePort(Parser.PortOptionParserToken port, String type)` Generate a VeriNeC <match-xxx-port-rage> XML element for tcp and udp ports
`Element`	`generateReject(Enumeration poptions)` Generate the reject attributes type and code
`Element`	`generateRule(Parser.RuleParserToken rule)` Generate a VeriNeC <packet-filter-rule> XML element
`Element`	`generateTcpEcn(Parser.EcnMatchOptionParserToken ptcpecn)` Generate a VeriNeC <match-tcp-ecn> XML element
`Element`	`generateTcpOpt(Parser.TcpOptOptionParserToken ptcpopt)` Generate a VeriNeC <match-tcp-option> XML element
`private String`	`logNumber2logString(int number)`
`private int`	`rejectType2int(String word)` Parse the word as a RejectType, transform it to integer.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

log

private Logger log

Debugging.

config

private ImporterEnvironment config

chains

public Vector chains

Result of Iptable(): a Vector containing the generated <packet-filter-chain> elements

lexer

private Lexer lexer

data of the lexical analysis of the String iptdata

parser

private Parser parser

data of the parsed String iptdata

chainTable

public Hashtable chainTable

A table mapping chainnames to chain ids

interfaceTable

private Hashtable interfaceTable

The table containing the ids of the interface names -> local copy of the ImporterEnvironments interfacesTable

currentChainId

private String currentChainId

Id of chain currently being generated.

currentChainName

private String currentChainName

Name of chain currently being generated.

currentRule

private int currentRule

Number of the rule in the chain generated at the moment

Constructor Detail

Iptable

public Iptable(String iptdata,
               ImporterEnvironment config)
        throws VerinecImporterException

constructor

calls lexer and parser

calls GenerateTable which initialises the traversation of the parse tree and the generation of the XML elements

Parameters:: iptdata - a String containing the data of the iptable configuartion of one table; config - the ImporterEnvironment object of that importation.
Throws:: VerinecImporterException - If the parser can not be instantiated or the table does not work.

Method Detail

generateChain

public Element generateChain(Parser.ChainParserToken pchain)
                      throws VerinecImporterException

Generate a VeriNeC <packet-filter-chain> XML element

Parameters:: pchain - The iptables chain to transform into XML
Returns:: The XML element. If the chain is empty, the element has no children.
Throws:: VerinecImporterException

generatePolicy

public Element generatePolicy(Parser.ParenthesisParserToken para)
                       throws VerinecImporterException

Generate a VeriNeC <default-policy> XML element

Parameters:: para - The default policy to parse
Returns:: The policy XML element if there is a default policy
Throws:: VerinecImporterException

generateRule

public Element generateRule(Parser.RuleParserToken rule)
                     throws VerinecImporterException

Generate a VeriNeC <packet-filter-rule> XML element

Parameters:: rule - The rule to parse
Returns:: An XML subtree for the rule
Throws:: VerinecImporterException

generateMatchList

public Element generateMatchList(Parser.RuleParserToken rule)
                          throws VerinecImporterException

tagGenerate a VeriNeC <packet-match-list> XML element

Parameters:: rule - The match list rule to parse
Returns:: The XML element for this match list
Throws:: VerinecImporterException

generateMatchInterface

public Content generateMatchInterface(Parser.InterfaceParserToken pif,
                                      String direction)
                               throws VerinecImporterException

Generate a VeriNeC <match-interface> XML element

Parameters:: pif - The match interface token; direction - Direction of traffic
Returns:: An XML element for match interface or null if there is no match interface criteria
Throws:: VerinecImporterException

generateMatchMac

public Element generateMatchMac(Enumeration poptions)
                         throws VerinecImporterException

Generate a VeriNeC <match-mac> XML element

Parameters:: poptions - The match options
Returns:: The element if there are any options or null if there is none.
Throws:: VerinecImporterException

generateMatchIpv4

public Element generateMatchIpv4(Parser.RuleParserToken rule)
                          throws VerinecImporterException

Generate a VeriNeC <match-ipv4> XML element

Parameters:: rule - The rule to check for source and target addresses and attributes
Returns:: The element to match IPv4
Throws:: VerinecImporterException

generateMatchAddr

public Element generateMatchAddr(Parser.AddressParserToken paddr,
                                 String type)
                          throws VerinecImporterException

Generate a VeriNeC <match-source> or <match-destination> XML element The type is match-ipnet.

Parameters:: paddr - The address token; type - The direction type
Returns:: The XML element
Throws:: VerinecImporterException

generateDsfield

public Element generateDsfield(Enumeration poptions)
                        throws VerinecImporterException

Generate a VeriNeC <match-dsfield> XML element

Parameters:: poptions - DS field options
Returns:: The XML element for match dsfield
Throws:: VerinecImporterException

field2class

private static String field2class(int fieldvalue)

Convert the integer field value to ecn class names.

Parameters:: fieldvalue - The ecn field value
Returns:: The ecn string specifier

generateIpEcn

public Element generateIpEcn(Enumeration poptions)
                      throws VerinecImporterException

Generate a VeriNeC <match-ecnfield> XML element

Parameters:: poptions - The ecn field options to match
Returns:: A XML element
Throws:: VerinecImporterException

generateMatchTcp

public Element generateMatchTcp(Enumeration poptions,
                                boolean negate)
                         throws VerinecImporterException

Generate a VeriNeC <match-tcp> XML element

Parameters:: poptions - TCP match options; negate - Whether to negate the options
Returns:: An XML element for match-tcp
Throws:: VerinecImporterException

generatePort

public Element generatePort(Parser.PortOptionParserToken port,
                            String type)
                     throws VerinecImporterException

Generate a VeriNeC <match-xxx-port-rage> XML element for tcp and udp ports

Parameters:: port - The token designating the port; type - Whether it is udp or tcp
Returns:: A port match XML element
Throws:: VerinecImporterException

generateFlags

public Element generateFlags(Parser.TcpFlagOptionParserToken pflags)
                      throws VerinecImporterException

Generate a VeriNeC <match-tcp-flags> XML element

Parameters:: pflags - The flags to match
Returns:: An XML element to match the flags.
Throws:: VerinecImporterException

generateTcpOpt

public Element generateTcpOpt(Parser.TcpOptOptionParserToken ptcpopt)
                       throws VerinecImporterException

Generate a VeriNeC <match-tcp-option> XML element

Parameters:: ptcpopt - The tcp options parameter
Returns:: An XML element to match the tcp options
Throws:: VerinecImporterException

generateTcpEcn

public Element generateTcpEcn(Parser.EcnMatchOptionParserToken ptcpecn)
                       throws VerinecImporterException

Generate a VeriNeC <match-tcp-ecn> XML element

Parameters:: ptcpecn - TCP ecn options specification
Returns:: The XML element matching the specified tcp encoding options
Throws:: VerinecImporterException

generateMatchUdp

public Element generateMatchUdp(Enumeration poptions,
                                boolean negate)
                         throws VerinecImporterException

Generate a VeriNeC <match-udp> XML element

Parameters:: poptions - The udp match options; negate - If true, the test is whether the protocol is not udp
Returns:: The match udp element or null if the input does not contain udp
Throws:: VerinecImporterException

generateMatchIcmp

public Element generateMatchIcmp(Enumeration poptions,
                                 boolean negate)
                          throws VerinecImporterException

Generate a VeriNeC <match-icmp> XML element

Parameters:: poptions - ICMP options; negate - If true, the test is that the packet is not icmp
Returns:: The XML element for this icmp test or null if no icmp in test
Throws:: VerinecImporterException

generateMatchStates

public Element generateMatchStates(Enumeration poptions)
                            throws VerinecImporterException

Generate a VeriNeC <match-state> XML element

Parameters:: poptions - option tokens, possibly StateOption
Returns:: The XML element for this icmp test or null if no icmp in test
Throws:: VerinecImporterException

generateActionList

public Element generateActionList(Parser.RuleParserToken rule)
                           throws VerinecImporterException

Generate a VeriNeC <packet-action-list> XML element

Parameters:: rule - The action list token
Returns:: An XML element with the action list.
Throws:: VerinecImporterException

generateReject

public Element generateReject(Enumeration poptions)
                       throws VerinecImporterException

Generate the reject attributes type and code

Parameters:: poptions - The reject options
Returns:: The XML element for this reject action
Throws:: VerinecImporterException

rejectType2int

private int rejectType2int(String word)

Parse the word as a RejectType, transform it to integer.

Parameters:: word - The icmp code word
Returns:: The icmp number in [0..255] for this word or -1 on error (which is not permitted in the schema).

generateLog

public Element generateLog(Enumeration poptions)
                    throws VerinecImporterException

Generate a log attribute level

Parameters:: poptions - The log level option
Returns:: An XML element for the log action
Throws:: VerinecImporterException

logNumber2logString

private String logNumber2logString(int number)