package pf-qubes

  1. Overview
  2. Docs
QubesOS firewall ruleset handling library

Install 

dune-project
 Dependency

github.com Readme Changelog AGPL-3.0-only License Edit opam file Versions (3)

Authors

  1. R
    Robur.coop

Maintainers

  1. T
    team@robur.coop

Sources

pf-qubes-0.1.2.tbz
sha256=f1eb3921e827b13e6edfaeb1fcf39360f965e59aec3e8509691490fde24b281c
sha512=5d83e2d7b95dd0577ba762e6e73ecd0ae96ca84efc55df6421cb18c83c1ff4a2d8d6d11a6a2987a925a6006b2e46fa8f18d66cf8d2b5107b8f227bd22a534784

doc/README.html

ocaml-pf

An Angstrom-based parser for the FreeBSD pf firewall configuration format.

implementation status

Ticked below are the lines that are (at least partially) implemented.

  • macro definitions (NB: macro expansion is NOT)
  • option
  • pf-rule
  • nat-rule
  • binat-rule
  • rdr-rule
  • antispoof-rule
  • altq-rule
  • queue-rule
  • trans-anchors
  • anchor-rule
  • anchor-close
  • load-anchor
  • table-rule
  • include

contributing

  • I would be very grateful for examples of rules that trip the parser - please file an issue ticket on GitHub.
  • Ideas regarding the AST, the API, or other suggestions are also very welcome.
  • It is always nice with improvements to the pretty-printers! :-)
  • Support for more lines is a goal, you can help by writing PRs or submitting examples of syntax that is not handled by the parser.
  • Before taking on larger rewrites, please get in touch so we can avoid merge conflicts.

compiling the example

First, install the dependencies:

opam pin add -n pf .
opam install --deps-only pf

# build test executable, self-test rules from 'man pf.conf':
jbuilder runtest

This will give you the parse_conf.exe utility that you can use to parse firewall configuration files:

./_build/default/test/parse_conf.exe /home/me/my-pf-file.conf
Reading "/home/me/my-pf-file.conf"
Line 0: ext_bridge = "external"
Read 1 lines!