xref: /netbsd-src/usr.sbin/npf/npfctl/npf_scan.l (revision b7b7574d3bf8eeb51a1fa3977b59142ec6434a55) 
1 /*	$NetBSD: npf_scan.l,v 1.21 2014/05/31 22:37:05 rmind Exp $	*/
2 
3 /*-
4  * Copyright (c) 2011-2012 The NetBSD Foundation, Inc.
5  * All rights reserved.
6  *
7  * This code is derived from software contributed to The NetBSD Foundation
8  * by Martin Husemann.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 %{
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <err.h>
36 
37 #include "npfctl.h"
38 #include "npf_parse.h"
39 
40 int	yycolumn;
41 
42 #define	YY_USER_ACTION	yycolumn += yyleng;
43 
44 extern int		yyparsetarget;
45 extern int		yylineno;
46 extern const char *	yyfilename;
47 extern int		yyparse(void);
48 extern void		yyrestart(FILE *);
49 
50 void
51 npfctl_parse_file(const char *name)
52 {
53 	FILE *fp;
54 
55 	fp = fopen(name, "r");
56 	if (fp == NULL) {
57 		err(EXIT_FAILURE, "open '%s'", name);
58 	}
59 	yyparsetarget = NPFCTL_PARSE_FILE;
60 	yyrestart(fp);
61 	yylineno = 1;
62 	yycolumn = 0;
63 	yyfilename = name;
64 	yyparse();
65 	fclose(fp);
66 }
67 
68 void
69 npfctl_parse_string(const char *str)
70 {
71 	YY_BUFFER_STATE bs;
72 
73 	yyparsetarget = NPFCTL_PARSE_STRING;
74 	bs = yy_scan_string(str);
75 	yyfilename = "stdin";
76 	yyparse();
77 	yy_delete_buffer(bs);
78 }
79 
80 %}
81 
82 %option noyywrap nounput noinput
83 
84 ID	[a-zA-Z_][a-zA-Z_0-9]*
85 DID	[a-zA-Z_][a-zA-Z_0-9-]*
86 NUMBER	[0-9]+
87 HEXDIG	[0-9a-fA-F]+
88 
89 %%
90 alg			return ALG;
91 table			return TABLE;
92 type			return TYPE;
93 hash			return HASH;
94 tree			return TREE;
95 cdb			return CDB;
96 static			return TSTATIC;
97 dynamic			return TDYNAMIC;
98 file			return TFILE;
99 map			return MAP;
100 "<->"			return ARROWBOTH;
101 "<-"			return ARROWLEFT;
102 "->"			return ARROWRIGHT;
103 algo			return ALGO;
104 npt66			return NPT66;
105 "-"			return MINUS;
106 procedure		return PROCEDURE;
107 \\\n			yylineno++; yycolumn = 0;
108 \n			yylineno++; yycolumn = 0; return SEPLINE;
109 ;			return SEPLINE;
110 name			return NAME;
111 group			return GROUP;
112 default			return DEFAULT;
113 in			return IN;
114 out			return OUT;
115 forw			return FORW;
116 interface		return INTERFACE;
117 all			return ALL;
118 block			return BLOCK;
119 pass			return PASS;
120 pcap-filter		return PCAP_FILTER;
121 stateful		return STATEFUL;
122 stateful-ends		return STATEFUL_ENDS;
123 apply			return APPLY;
124 final			return FINAL;
125 quick			return FINAL;
126 on			return ON;
127 inet6			return INET6;
128 inet4			return INET4;
129 proto			return PROTO;
130 family			return FAMILY;
131 tcp			return TCP;
132 icmp			{ yylval.num = IPPROTO_ICMP; return ICMP; }
133 ipv6-icmp		{ yylval.num = IPPROTO_ICMPV6; return ICMP6; }
134 \"ipv6-icmp\"		{ yylval.num = IPPROTO_ICMPV6; return ICMP6; }
135 return-rst		return RETURNRST;
136 return-icmp		return RETURNICMP;
137 return			return RETURN;
138 ruleset			return RULESET;
139 from			return FROM;
140 to			return TO;
141 port			return PORT;
142 flags			return FLAGS;
143 icmp-type		return ICMPTYPE;
144 code			return CODE;
145 any			return ANY;
146 
147 "/"			return SLASH;
148 "{"			return CURLY_OPEN;
149 "}"			return CURLY_CLOSE;
150 "("			return PAR_OPEN;
151 ")"			return PAR_CLOSE;
152 ","			return COMMA;
153 "="			return EQ;
154 
155 "0x"{HEXDIG} {
156 			char *endp, *buf = ecalloc(1, yyleng + 1);
157 			buf[yyleng] = 0;
158 			yylval.num = strtoul(buf+2, &endp, 16);
159 			free(buf);
160 			return HEX;
161 		}
162 
163 {NUMBER}"."{NUMBER} {
164 			char *endp, *buf = estrndup(yytext, yyleng);
165 			yylval.fpnum = strtod(buf, &endp);
166 			free(buf);
167 			return FPNUM;
168 		}
169 
170 {HEXDIG}":"[0-9a-fA-F:]* {
171 			yylval.str = estrndup(yytext, yyleng);
172 			return IPV6ADDR;
173 		}
174 
175 "::"{HEXDIG}[0-9a-fA-F:]* {
176 			yylval.str = estrndup(yytext, yyleng);
177 			return IPV6ADDR;
178 		}
179 
180 {NUMBER}"."[0-9][0-9.]* {
181 			yylval.str = estrndup(yytext, yyleng);
182 			return IPV4ADDR;
183 		}
184 
185 {NUMBER}	{
186 			char *endp, *buf = estrndup(yytext, yyleng);
187 			yylval.num = strtoul(buf, &endp, 10);
188 			free(buf);
189 			return NUM;
190 		}
191 
192 "<"{DID}">"	{
193 			yylval.str = estrndup(yytext + 1, yyleng - 2);
194 			return TABLE_ID;
195 		}
196 
197 "$"{ID}		{
198 			yylval.str = estrndup(yytext + 1, yyleng - 1);
199 			return VAR_ID;
200 		}
201 
202 {ID}		{
203 			yylval.str = estrndup(yytext, yyleng);
204 			return IDENTIFIER;
205 		}
206 
207 \"[^\"]*\"	{
208 			yylval.str = estrndup(yytext + 1, yyleng - 2);
209 			return STRING;
210 		}
211 
212 #.*$		/* drop comment until end of line */
213 [ \t]		/* eat whitespace */
214 
215 :		return COLON;
216