package pf-qubes

  1. Overview
  2. Docs
QubesOS firewall ruleset handling library

Install

Dune Dependency

github.com Readme Changelog AGPL-3.0-only License Edit opam file Versions (2)

Authors

  1. R
    Robur.coop

Maintainers

  1. T
    team@robur.coop

Sources

pf-qubes-v0.1.1.tbz
sha256=4e21b305a83a5e4e4972d776298a05b4a9a177c8ad5a232f88654eed2909a7cf
sha512=a89295829a6b794dcd79a5d3092f92b77c67ecdb802a86beece6a93bdb24d3d5813e12c48f1d214d798d3e826c129cd14e8e77d6f23968a891b91cce0685100c

Description

pf-qubes provides a parser for the QubesOS (>=4.0) firewall ruleset syntax.

Tags

org:mirage

Published: 07 Dec 2020

README

ocaml-pf

Build status"

An Angstrom-based parser for the FreeBSD pf firewall configuration format.

implementation status

Ticked below are the lines that are (at least partially) implemented.

  • macro definitions (NB: macro expansion is NOT)
  • option
  • pf-rule
  • nat-rule
  • binat-rule
  • rdr-rule
  • antispoof-rule
  • altq-rule
  • queue-rule
  • trans-anchors
  • anchor-rule
  • anchor-close
  • load-anchor
  • table-rule
  • include

contributing

  • I would be very grateful for examples of rules that trip the parser - please file an issue ticket on GitHub.
  • Ideas regarding the AST, the API, or other suggestions are also very welcome.
  • It is always nice with improvements to the pretty-printers! :-)
  • Support for more lines is a goal, you can help by writing PRs or submitting examples of syntax that is not handled by the parser.
  • Before taking on larger rewrites, please get in touch so we can avoid merge conflicts.

compiling the example

First, install the dependencies:

opam pin add -n pf .
opam install --deps-only pf

# build test executable, self-test rules from 'man pf.conf':
jbuilder runtest

This will give you the parse_conf.exe utility that you can use to parse firewall configuration files:

./_build/default/test/parse_conf.exe /home/me/my-pf-file.conf
Reading "/home/me/my-pf-file.conf"
Line 0: ext_bridge = "external"
Read 1 lines!

Dependencies (10)

  1. bisect_ppx >= "1.4.1"
  2. ipaddr >= "2.8.0"
  3. uri >= "1.9.5"
  4. rresult >= "0.5.0"
  5. logs >= "0.6.2"
  6. fmt >= "0.8.4"
  7. angstrom >= "0.14.0"
  8. cstruct >= "3.3.0"
  9. ocaml >= "4.07.0"
  10. dune

Dev Dependencies (2)

  1. afl-persistent with-test
  2. alcotest with-test

Used by

None

Conflicts

None

OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct