/// <summary>
/// Parse a IPTables rule
/// </summary>
/// <param name="rule"></param>
/// <param name="system"></param>
/// <param name="chains"></param>
/// <param name="version"></param>
/// <param name="defaultTable"></param>
/// <param name="createChain"></param>
/// <returns></returns>
public static IpTablesRule Parse(String rule, NetfilterSystem system, IpTablesChainSet chains,
int version = 4, String defaultTable = "filter", ChainCreateMode createChain = ChainCreateMode.CreateNewChainIfNeeded)
{
CommandParser parser;
var ipCmd = IpTablesCommand.Parse(rule, system, chains, out parser, version, defaultTable);
if (ipCmd.Type != IpTablesCommandType.Add)
{
throw new IpTablesParserException(rule, "must be add rule to parse");
}
var chain = parser.GetChainFromSet();
if (chain == null)
{
if (createChain == ChainCreateMode.DontCreateErrorInstead)
{
throw new IpTablesParserException(rule, String.Format("Unable to find chain: {0}", parser.ChainName));
}
var ipVersion = chains == null ? 4 : chains.IpVersion;
if (createChain == ChainCreateMode.ReturnNewChain)
{
chain = parser.GetNewChain(system, ipVersion);
}
else
{
chain = parser.CreateChain(system, ipVersion);
}
}
Debug.Assert(chain.IpVersion == version);
ipCmd.Rule.Chain = chain;
return(ipCmd.Rule);
}
public void ApplyCommand(IpTablesCommand command)
{
var chain = Chains.GetChain(command.ChainName, command.Table);
switch (command.Type)
{
case IpTablesCommandType.Add:
chain.AddRule(command.Rule);
return;
case IpTablesCommandType.Delete:
chain.DeleteRule(command.Offset);
return;
case IpTablesCommandType.Replace:
chain.ReplaceRule(command.Offset, command.Rule);
return;
case IpTablesCommandType.Insert:
chain.InsertRule(command.Offset, command.Rule);
return;
}
throw new IpTablesNetException("Unknown command");
}
/// <summary>
/// Append extra options to an existing rule (via parsing)
/// </summary>
/// <param name="rule"></param>
/// <param name="version"></param>
/// <param name="chains"></param>
/// <param name="createChain"></param>
public void AppendToRule(String rule, int version = -1, IpTablesChainSet chains = null, bool createChain = false)
{
if (version == -1)
{
version = IpVersion;
}
Cow();
string[] arguments = ArgumentHelper.SplitArguments(rule);
int count = arguments.Length;
try
{
var command = new IpTablesCommand(Chain.Name, Chain.Table, IpTablesCommandType.Add);
command.Rule = this;
command.Table = Chain.Table;
var parser = new CommandParser(arguments, command, chains);
//Parse the extra options
bool not = false;
for (int i = 0; i < count; i++)
{
if (arguments[i] == "!")
{
not = true;
continue;
}
i += parser.FeedToSkip(i, not, version);
not = false;
}
//Only replace the chain if a new one has been supplied
if (chains != null && parser.ChainName != null)
{
var chain = parser.GetChainFromSet();
if (chain == null)
{
if (!createChain)
{
throw new IpTablesNetException(String.Format("Unable to find chain: {0}",
parser.ChainName));
}
chain = parser.GetNewChain(_system, chain.IpVersion);
}
Chain = chain;
}
}
catch (Exception ex)
{
throw new IpTablesParserException(rule, ex);
}
}
