verinec.netsim.firewall.packetFilter
Class PacketFilterChain

java.lang.Object
  verinec.netsim.firewall.packetFilter.PacketFilterChain

All Implemented Interfaces:

IPacketFilter

public class PacketFilterChain
extends Object
implements IPacketFilter

Version:

$Revision: 825 $

Author:

jason.hug@unifr.ch

Field Summary

private DefaultPolicy	defaultPolicy Default Policy of the chain.
private String	id ID of the chain.
private Logger	logger
private String	name Name of the chain.
private Vector	packetFilterRules Packet Filter Rules of the chain.
private int	rulePosition What rule positon the chain jumped from.

Constructor Summary

PacketFilterChain(Element node)
Creates a new Packet Filter Chain and configures the default policy and the packet filter rules which are specified in the node Element.

PacketFilterChain(String name)
Creates a Packet Filter Chain with an empty rule-set and with an ACCEPT Default Policy.

Method Summary

DefaultPolicy	getDefaultPolicy()
String	getId()
String	getName()
Vector	getPacketFilterRules()
int	getRulePosition()
private void	initPacketFilterRules(List rules)
IPacketAction	matchAction(Packet packet, String interfaceRef, String direction, String hostname, String simTime, ILogger eventsLog) This method receives a packet and checks in the defined packet-filter-chains if there are any rules that match.
boolean	matchId(String id) Checks if a specified id matches this packet filter chains id.
void	setDefaultPolicy(DefaultPolicy defaultPolicy)
void	setId(String id)
void	setName(String name)
void	setPacketFilterRules(Vector packetFilterRules)
void	setRulePosition(int rulePosition)
String	toString() This returns a String representation of the Packet Filter

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

logger

private Logger logger

name

private String name

Name of the chain.

id

private String id

ID of the chain.

rulePosition

private int rulePosition

What rule positon the chain jumped from. This field is used for goto cases. The chain remembers this way at what position the chain was when jumping to another chain.

defaultPolicy

private DefaultPolicy defaultPolicy

Default Policy of the chain.

packetFilterRules

private Vector packetFilterRules

Packet Filter Rules of the chain.

Constructor Detail

PacketFilterChain

public PacketFilterChain(Element node)

Creates a new Packet Filter Chain and configures the default policy and the packet filter rules which are specified in the node Element.

Parameters:

node - Element which specifies the configs for the default policy and packet filter rules.

PacketFilterChain

public PacketFilterChain(String name)

Creates a Packet Filter Chain with an empty rule-set and with an ACCEPT Default Policy. This constructor is used to create default INPUT, OUTPUT and FORWARD chains if none were already specified in the node. No ID needs to be set for these simple default chains.

Parameters:

name - Name of the chain.

Method Detail

matchAction

public IPacketAction matchAction(Packet packet,
                                 String interfaceRef,
                                 String direction,
                                 String hostname,
                                 String simTime,
                                 ILogger eventsLog)

Description copied from interface: IPacketFilter

This method receives a packet and checks in the defined packet-filter-chains if there are any rules that match. If so the defined action is returned. If no match was observed the default policy of the packet-filter-chain is returned.

Specified by:

matchAction in interface IPacketFilter

Parameters:

packet - Packet that should be inspected.

interfaceRef - From which interface the packet came from.

direction - In which direction the packet is heading. Use @link verinec.netsim.firewall.IFirewall#IN IN, @link verinec.netsim.firewall.IFirewall#OUT OUT or @link verinec.netsim.firewall.IFirewall#FORWARD FORWARD.

hostname - The hostname of the node for which the firewall is checking for.

simTime - Simulation time at which the firewall is being consulted.

eventsLog - The Verinec Simulator Event logger instance.

Returns:

The corresponding Action.

See Also:

IPacketFilter.matchAction(verinec.netsim.entities.packets.Packet, java.lang.String, java.lang.String, java.lang.String, java.lang.String, verinec.netsim.loggers.ILogger)

matchId

public boolean matchId(String id)

Checks if a specified id matches this packet filter chains id.

Parameters:

id - The ID to match

Returns:

True if the ID matches to this chain-ID. False otherwise.

initPacketFilterRules

private void initPacketFilterRules(List rules)

getDefaultPolicy

public DefaultPolicy getDefaultPolicy()

Returns:

Returns the defaultPolicy.

setDefaultPolicy

public void setDefaultPolicy(DefaultPolicy defaultPolicy)

Parameters:

defaultPolicy - The defaultPolicy to set.

getId

public String getId()

Returns:

Returns the id.

setId

public void setId(String id)

Parameters:

id - The id to set.

getName

public String getName()

Returns:

Returns the name.

setName

public void setName(String name)

Parameters:

name - The name to set.

getPacketFilterRules

public Vector getPacketFilterRules()

Returns:

Returns the packetFilterRules.

setPacketFilterRules

public void setPacketFilterRules(Vector packetFilterRules)

Parameters:

packetFilterRules - The packetFilterRules to set.

toString

public String toString()

Description copied from interface: IPacketFilter

This returns a String representation of the Packet Filter

Specified by:

toString in interface IPacketFilter

Overrides:

toString in class Object

Returns:

the a String representation of the Packet Filter

See Also:

IPacketFilter.toString()

getRulePosition

public int getRulePosition()

Returns:

Returns the rulePosition.

setRulePosition

public void setRulePosition(int rulePosition)

Parameters:

rulePosition - The rulePosition to set.