PERFORCE change 167291 for review

Tatsiana Elavaya tsel at FreeBSD.org
Thu Aug 13 15:14:47 UTC 2009 

http://perforce.freebsd.org/chv.cgi?CH=167291

Change 167291 by tsel at tsel_mz on 2009/08/13 15:13:51

	Add support for anonymous conditions
	Add command line options. -g -- add line numbers to comments, -n rule number to start with, -i rule number increment

Affected files ...

.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/Makefile#4 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/ipfw.hll.c#4 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/ipfw.hll.h#4 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/parse.y#4 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/subr.c#3 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/Makefile#3 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test4#3 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test4.output#2 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test5#2 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test7#2 edit
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test8#1 add
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test8.output#1 add
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test9#1 add
.. //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test9.output#1 add

Differences ...

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/Makefile#4 (text+ko) ====

@@ -11,7 +11,7 @@
 DPADD=	${LIBL}
 LDADD=	-ll
 
-DEBUG_FLAGS+= -g -O0
+DEBUG_FLAGS+= -g -O0 -DIPFW_HLL_DEBUG
 
 .PHONY: test
 test:

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/ipfw.hll.c#4 (text+ko) ====

@@ -27,14 +27,27 @@
 #include <stdlib.h>
 #include <string.h>
 #include <err.h>
+#include <unistd.h>
 #include <sysexits.h>
+#include <libgen.h>
 
 #include "ipfw.hll.h"
 
+struct opts {
+	int rulenum;
+	int rulenum_inc;
+	int debug;
+};
+
 struct ruleset *toplevel_ruleset;
+struct opts opts = {
+	.rulenum = 0,
+	.rulenum_inc = 100,
+};
 
 extern int yyparse();
-extern const char * yyfile;
+extern const char *yyfile;
+static const char *yyfile_stdin = "<stdin>";
 
 static void expand_rule(struct rule *rule, struct ruleset *ruleset);
 static void expand_cond(struct cond *cond, struct condset *condset);
@@ -55,6 +68,7 @@
 	struct rule *ri;
 
 	if (rule->action_ruleset) {
+		DPRINTF("action ruleset @%d\n", rule->lineno);
 		expand_ruleset(rule->action_ruleset);
 		while (!TAILQ_EMPTY(&rule->action_ruleset->rules)) {
 			ri = TAILQ_FIRST(&rule->action_ruleset->rules);
@@ -139,6 +153,10 @@
 	char *cmdval;
 
 	TAILQ_FOREACH(r, &toplevel_ruleset->rules, rule_entries) {
+		if (opts.rulenum != 0) {
+			printf("%d ", opts.rulenum);
+			opts.rulenum += opts.rulenum_inc;
+		}
 		printf("add ");
 		TAILQ_FOREACH(c, &r->actions, cmd_entries) {
 			if (c->cmd_condset) {
@@ -157,14 +175,20 @@
 					free(cmdval);
 			}
 		}
-		printf("\n", r->lineno);
+		if (opts.debug) {
+			if (yyfile == yyfile_stdin)
+				printf("// line %d", TAILQ_LAST(&r->actions, cmd_head)->lineno);
+			else
+				printf("// %s:%d", yyfile, TAILQ_LAST(&r->actions, cmd_head)->lineno);
+		}
+		printf("\n");
 	}
 }
 
 static void
 usage(void)
 {
-	fprintf(stderr, "usage: ipfw.hll file\n");
+	fprintf(stderr, "usage: ipfw.hll [-gh] [-n rulenum] [-i increment] file\n");
         exit(EX_USAGE);
 
 }
@@ -173,16 +197,39 @@
 main(int argc, char **argv)
 {
 	struct rule *r, *rtmp;
-	int error;
+	int ch, error;
 	
-	if (argc > 2) {
+	while ((ch = getopt(argc, argv, "i:ghn:")) != -1) {
+		error = 1;
+		switch (ch) {
+		case 'n':
+			opts.rulenum = error = atoi(optarg);
+			break;
+		case 'i':
+			opts.rulenum_inc = error = atoi(optarg);
+			break;
+		case 'g':
+			opts.debug = 1;
+			break;
+		case 'h':
+		default:
+			usage();
+		}
+		if (error <= 0)
+			errx(EX_USAGE, "invalid arguments: -%c %s", ch, optarg);
+	}
+	argc -= optind;
+	argv += optind;
+
+	if (argc > 1) {
 		usage();
-	} else if (argc == 2) {
-		yyfile = argv[1];
+	} else if (argc == 1) {
+		yyfile = argv[0];
 		if (freopen(yyfile, "r", stdin) == NULL)
 			err(EX_OSERR, "%s", yyfile);
+		yyfile = strdup(basename(yyfile));
 	} else {
-		yyfile = "<stdin>";
+		yyfile = yyfile_stdin;
 	}
 
 	error = yyparse();

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/ipfw.hll.h#4 (text+ko) ====

@@ -26,7 +26,11 @@
 #include <sys/types.h>
 #include <sys/queue.h>
 
+#ifdef IPFW_HLL_DEBUG
 #define DPRINTF(fmt, ...) fprintf(stderr, "%s: " fmt, __func__, ## __VA_ARGS__)
+#else
+#define DPRINTF(fmt, ...) do { } while (0)
+#endif
 
 TAILQ_HEAD(rule_head, rule);
 TAILQ_HEAD(cond_head, cond);

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/parse.y#4 (text+ko) ====

@@ -188,21 +188,20 @@
 		{ $$ = NULL; }
 	| rule_action
 		{ $$ = $1; }
-	| cond rule_tail
+	| cond THEN rule_tail
 		{
-			$$ = $2;
+			$$ = $3;
 			$$->cond = $1;
 		}
 	;
 
 rule_tail
-	: THEN rule_action
-		{ $$ = $2; }
+	: rule_action
+		{ $$ = $1; }
 	| rule_body
 		{
 			$$ = rule_alloc();
 			$$->action_ruleset = $1;
-			DPRINTF("rule action_ruleset=%p\n", $$->action_ruleset);
 		}
 	;
 
@@ -277,6 +276,12 @@
 			if ($$->cmd_condset == NULL)
 				errx(EX_DATAERR, "%s:%d: condition set not found: %s", yyfile, $$->lineno, $2.s);
 		}
+	| cond_body
+		{
+			$$ = cmd_alloc();
+			$$->lineno = $1->lineno;
+			$$->cmd_condset = $1;
+		}
 	| str
 		{
 			$$ = cmd_alloc();

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/subr.c#3 (text+ko) ====

@@ -155,17 +155,22 @@
 void
 cmds_copy(struct cmd_head *dst, int insert_tail, struct cmd *begin, struct cmd *end)
 {
-	struct cmd *i, *n;
+	struct cmd *i, *n, *prev;
 
-	for (i = begin; i != end && i != NULL; i = TAILQ_NEXT(i, cmd_entries)) {
+	for (i = begin, prev = NULL; i != end && i != NULL; i = TAILQ_NEXT(i, cmd_entries)) {
 		n = safe_calloc(sizeof(struct cmd));
 		n->cmd = i->cmd;
 		n->cmd_condset = i->cmd_condset;
 		n->lineno = i->lineno;
-		if (insert_tail)
+		if (insert_tail) {
 			TAILQ_INSERT_TAIL(dst, n, cmd_entries);
-		else
-			TAILQ_INSERT_HEAD(dst, n, cmd_entries);
+		} else {
+			if (prev == NULL)
+				TAILQ_INSERT_HEAD(dst, n, cmd_entries);
+			else
+				TAILQ_INSERT_AFTER(dst, prev, n, cmd_entries);
+			prev = n;
+		}
 	}
 }
 

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/Makefile#3 (text+ko) ====

@@ -1,4 +1,4 @@
-TESTS+= test0 test1 test2 test3 test4 test5 test6 test7
+TESTS+= test0 test1 test2 test3 test4 test5 test6 test7 test8 test9
 TESTS+= t_dup_name1 t_dup_name2
 
 all: test

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test4#3 (text+ko) ====

@@ -10,6 +10,6 @@
 
 cond c1 c2 @q => allow
 cond c3 @q c4 => allow
-cond c1 c2 @w => allow
+cond c1 c2 c3 c4 @w => allow
 cond c3 @w @q c4 => allow
 cond @w c5 c6 @q => allow

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test4.output#2 (text+ko) ====

@@ -2,8 +2,8 @@
 add allow c1 c2 q21 q22 
 add allow c3 q11 q12 c4 
 add allow c3 q21 q22 c4 
-add allow c1 c2 w11 w12 
-add allow c1 c2 w21 w22 
+add allow c1 c2 c3 c4 w11 w12 
+add allow c1 c2 c3 c4 w21 w22 
 add allow c3 w11 w12 q11 q12 c4 
 add allow c3 w21 w22 q11 q12 c4 
 add allow c3 w11 w12 q21 q22 c4 

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test5#2 (text+ko) ====

@@ -10,7 +10,7 @@
 }
 
 ruleset r0 {
-	if c1 {
+	if c1 => {
 		if c1-1 c1-2 then allow
 		deny
 	}

==== //depot/projects/soc2009/tsel_ipfw/libexec/ipfw.hll/test/test7#2 (text+ko) ====

@@ -22,12 +22,11 @@
 # ruleset = set of ipfw rules
 # rule is just like generic ipfw rule but can contain predicates
 ruleset ruleset_1 {
-    if @predicate_1 {
+    if @predicate_1 => {
             if proto tcp then allow
             deny
         }
     if proto udp then deny
-#              ^^^^ support anonymous rules/predicates
 }
 
 # unnamed = default ruleset

More information about the p4-projects mailing list