
Member "fwbuilder-5.1.0.3599/src/cisco_lib/ACL.cpp" (23 Mar 2012, 3976 Bytes) of archive /linux/misc/fwbuilder-5.1.0.3599.tar.gz:



    1 /* 
    2 
    3                           Firewall Builder
    4 
    5                  Copyright (C) 2004 NetCitadel, LLC
    6 
    7   Author:  Vadim Kurland     vadim@vk.crocodile.org
    8 
    9   $Id$
   10 
   11   This program is free software which we release under the GNU General Public
   12   License. You may redistribute and/or modify this program under the terms
   13   of that license as published by the Free Software Foundation; either
   14   version 2 of the License, or (at your option) any later version.
   15 
   16   This program is distributed in the hope that it will be useful,
   17   but WITHOUT ANY WARRANTY; without even the implied warranty of
   18   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   19   GNU General Public License for more details.
   20  
   21   To get a copy of the GNU General Public License, write to the Free Software
   22   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   23 
   24 */
   25 
   26 #include "ACL.h"
   27 
   28 #include <sstream>
   29 
   30 
   31 using namespace fwcompiler;
   32 using namespace std;
   33 
   34 
   /*
    * Appends one line to the access list, counts it in nlines, and
    * returns the printed form of the line that was just stored (as
    * produced by printLastLine()).
    */
   std::string ciscoACL::addLine(const std::string &s)
   {
       acl.push_back(s);
       ++nlines;
       return printLastLine();
   }
   41 
   /*
    * Shortens a remark to at most 100 characters and then strips white
    * space from both ends of what is left. A string that holds only
    * white space after the cut yields an empty string.
    *
    * "remark" lines should be less than 101 on PIX/ASA and less than 100
    * on IOS.
    * NOTE(review): the cut keeps up to 100 characters on every platform,
    * so a full-length remark is not "less than 100" -- confirm the IOS
    * limit against the device documentation.
    * NOTE(review): only the ends are stripped; control characters in the
    * middle of the text are returned unchanged.
    */
   std::string ciscoACL::trimLine(const std::string &s)
   {
       const char blanks[] = " \t\f\v\n\r";

       // substr() clamps the count, so shorter input is copied whole
       const std::string head = s.substr(0, 100);

       const std::string::size_type first = head.find_first_not_of(blanks);
       if (first == std::string::npos)
           return std::string();   // nothing but white space

       // a non-blank character exists, so this search cannot fail
       const std::string::size_type last = head.find_last_not_of(blanks);
       return head.substr(first, last - first + 1);
   }
   66 
   /*
    * Wraps the text in double quotes when quote_remarks is set and the
    * text contains at least one space; otherwise returns it unchanged.
    *
    * NOTE(review): a double quote already present in the text is not
    * escaped, so the quoted form can contain an unbalanced '"' --
    * confirm how the target platform parses such a remark.
    */
   std::string ciscoACL::quoteLine(const std::string &s)
   {
       if (!quote_remarks || s.find(' ') == std::string::npos)
           return s;

       return "\"" + s + "\"";
   }
   74 
   /*
    * Adds remark lines for a rule to the access list. The rule label is
    * used as the first remark, followed by one remark per non-empty line
    * of the comment. A label equal to the one used by the previous call
    * is skipped entirely, so consecutive rules with the same label get
    * their remarks only once.
    *
    * Returns the printed form of every remark line added by this call,
    * or an empty string when the label was skipped.
    *
    * NOTE(review): the comment is split on '\n' only and trimLine()
    * strips just the ends of each piece, so a '\r' or other control
    * character inside a piece is written to the remark unchanged --
    * confirm whether callers sanitize rule comments before they reach
    * the generated configuration.
    */
   std::string ciscoACL::addRemark(const std::string &rl, const std::string &comment)
   {
       if (_last_rule_label == rl)
           return "";

       std::string output;

       acl.push_back(" remark " + quoteLine(trimLine(rl)));
       output += printLastLine();
       ++nlines;

       if (!comment.empty())
       {
           std::string::size_type start = 0;
           for (;;)
           {
               const std::string::size_type nl = comment.find('\n', start);
               const bool last_piece = (nl == std::string::npos);

               // the final piece runs to the end of the comment
               const std::string piece = trimLine(
                   last_piece ? comment.substr(start)
                              : comment.substr(start, nl - start));

               if (!piece.empty())
               {
                   acl.push_back(" remark " + quoteLine(piece));
                   output += printLastLine();
                   ++nlines;
               }

               if (last_piece)
                   break;
               start = nl + 1;
           }
       }

       _last_rule_label = rl;
       return output;
   }
  121 
  122 
  /*
   * Returns the whole access list as text: every stored line passed
   * through printLine(), in the order the lines were added.
   */
  std::string ciscoACL::print()
  {
      std::string text;

      std::list<std::string>::const_iterator line = acl.begin();
      while (line != acl.end())
      {
          text += printLine(*line);
          ++line;
      }

      return text;
  }
  132 
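  /*
   * Returns the printed form of the line most recently stored in the
   * access list, or an empty string when the list holds no lines.
   */
  std::string ciscoACL::printLastLine()
  {
      // back() on an empty list is undefined behaviour, so guard it
      if (acl.empty())
          return std::string();

      return printLine(acl.back());
  }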
  137  
  /*
   * Formats one access list line for output and ends it with a newline.
   *
   * A line that starts with '!' is written as is. Any other line gets a
   * prefix: two spaces when _ip_acl is set (Cisco IOS
   * "ip access-list extended <name>" style, where the actual lines just
   * start with "permit" or "deny"), otherwise "access-list <_workName> ".
   */
  std::string ciscoACL::printLine(const std::string &s)
  {
      std::ostringstream out;

      const bool bang_line = !s.empty() && s[0] == '!';
      if (!bang_line)
      {
          if (_ip_acl)
              out << "  ";
          else
              out << "access-list " << _workName << " ";
      }

      // the stream is in memory, so a plain newline matches endl here
      out << s << '\n';
      return out.str();
  }
  153