aurore/firewall
10
0
Fork 0
Code Issues Pull requests Releases Activity

Add support for IP prefixes

Browse source
This commit is contained in:
jeltz 2022-08-29 08:36:19 +02:00
parent 848a4269c4
commit c1450c704c
Signed by: jeltz
GPG key ID: 800882B66C0C3326
2 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dune
View file

@ -1,3 +1,3 @@
(executable (executable
(name firewall) (name firewall)
(libraries yojson)) (libraries yojson ipaddr))

11
nftables.ml
View file

@ -1,4 +1,5 @@
open Utils open Utils
open Ipaddr
type _ udp = type _ udp =
| UdpDport : int udp | UdpDport : int udp
@ -16,6 +17,8 @@ type _ expr =
| String : string -> string expr | String : string -> string expr
| Number : int -> int expr | Number : int -> int expr
| Boolean : bool -> int expr | Boolean : bool -> int expr
| Ipv4 : (V4.t * V4.Prefix.t) -> (V4.t * V4.Prefix.t) expr
| Ipv6 : (V6.t * V6.Prefix.t) -> (V6.t * V6.Prefix.t) expr
| List : 'a expr list -> 'a expr | List : 'a expr list -> 'a expr
| Set : 'a expr list -> 'a expr | Set : 'a expr list -> 'a expr
| Range : 'a expr * 'a expr -> 'a expr | Range : 'a expr * 'a expr -> 'a expr
@ -102,6 +105,14 @@ let rec json_of_expr : type a. a expr -> Yojson.Basic.t = function
| String s -> `String s | String s -> `String s
| Number n -> `Int n | Number n -> `Int n
| Boolean b -> `Bool b | Boolean b -> `Bool b
| Ipv4 (a, p) -> assoc_one "prefix" (`Assoc [
("addr", `String (V4.to_string a));
("len", `Int (V4.Prefix.bits p))
])
| Ipv6 (a, p) -> assoc_one "prefix" (`Assoc [
("addr", `String (V6.to_string a));
("len", `Int (V6.Prefix.bits p))
])
| List l -> `List (List.map json_of_expr l) | List l -> `List (List.map json_of_expr l)
| Set s -> assoc_one "set" (`List (List.map json_of_expr s)) | Set s -> assoc_one "set" (`List (List.map json_of_expr s))
| Range (a, b) -> | Range (a, b) ->