blob: ccde07646d9e5d17c8f7c5c59fbec9b5253143ce (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
/***************************************************************************
begin : Mon Feb 4 2002
copyright : (C) 2002 by Christian Hubinger
email : chubinger@irrsinnig.org
***************************************************************************/
/***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
***************************************************************************/
#ifndef IPTRULE_H
#define IPTRULE_H
#include "netfilterobject.h"
#include <tqptrlist.h>
#include <tqdict.h>
#include <kdemacros.h>
// Project Includes
#include "iptruleoption.h"
/**
*@author Christian Hubinger
*/
class TQString;
namespace KMF {
class IPTChain;
class IPTable;
class KMFError;
class KMFCheckInput;
/** This class represents one "Rule" in the ruleset needed to settup
the firewall those rule look like: $IPT -A CHAINNAME [ OPTIONS ] -j TARGET [ OPTIONS ]
*/
class KDE_EXPORT IPTRule : public NetfilterObject {
public:
/** The only constructor that sets the name,chain,target and table. */
IPTRule( IPTChain* chain, const char *objectname , const TQString& name , const TQString& target );
~IPTRule();
virtual int type();
virtual void clear();
/** Sets the name of the rule to name.
This name is displayed in the Document View */
KMFError* setRuleName( const TQString& name );
/** Sets the chain for which this Rule applies */
void setChain( IPTChain* chain );
/** Sets the Target for the Rule */
void setTarget( const TQString& target );
/** Sets the Table of the rule to table */
void setTable( IPTable* table ); // FIXME: set IPTable to use default="filter"
/** Enable/Disable cmd line generation for this rule */
void setEnabled( bool on );
/** Return true if the Rule is enabled; else returns false */
bool enabled() const {
return m_enabled;
};
/** Enable/Disable logging rule for this rule */
void setLogging( bool on );
/** Return true if the rule logging is turend on;
else returns false */
bool logging() const {
return m_log_rule;
};
/** Addes a ruleoption defined the a string optionname
e.g. "ip_opt" "state" and the strings needed to define
all options is given by the list options values of the */
bool addRuleOption( TQString& optionname, TQPtrList<TQString>& options );
/** Addes a rule target option defined the a string optionname
e.g. "ip_opt" "state" and the strings needed to define
all options is given by the list options values of the */
bool addTargetOption( TQString& optionname, TQPtrList<TQString>& options );
/** Returns the chain to which this rule belongs */
IPTChain* chain() const {
return m_chain;
};
/** Returns the table to which this rule belongs */
IPTable* table() const {
return m_table;
};
/** Returns a ruleoption object for this option type if it
exists.
If no one exists a new rule option will be created with the given type.
If the type is invalid 0 is returned. */
IPTRuleOption* getOptionForName( const TQString& );
/** Returns the target of the rule */
const TQString& target() const ;
/** Return the rule number in it's chain */
int ruleNum() const;
/** Return true if this is a rule eith custom options */
bool customRule() const {
return m_custom_rule;
};
/** Set the custom rule flag */
void setCustomRule( bool );
/** Returns the commandline that this rule represents */
const TQString& toString();
/** Serialize the rule to a TQDomDocument */
const TQDomDocument& getDOMTree();
/** Load the rule from the TQDomDocument */
virtual void loadXML( const TQDomDocument&, TQStringList& errors );
/** Load rule From DomNode */
virtual void loadXML( TQDomNode, TQStringList& errors );
/** Creates a deep copy of the rule */
void createRuleClone( IPTRule* );
/** Returns List of all possible Targets for this rule */
TQStringList availableTargets() const;
/** Returns true if the target is the name of a chain
e.g the rule forwards packets to a chain */
bool isForward() const;
private:
/** The chain of the rule */
IPTChain *m_chain;
/** The table of the rule */
IPTable *m_table;
/** The target of the rule */
TQString m_target;
KMFError *m_err;
KMFCheckInput *m_check_input;
TQDict<IPTRuleOption> m_options;
bool m_enabled;
bool m_log_rule;
bool m_custom_rule;
TQString opt;
TQString ipt_cmd;
TQString tab;
TQString ap;
TQString ws;
TQString post;
TQString option_cmd;
};
}
#endif
|
