1%{ 2/* 3 * (C) 2006 by Pablo Neira Ayuso <pablo@netfilter.org> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 * 19 * Description: configuration file syntax 20 */ 21 22#include <string.h> 23 24#include "read_config_yy.h" 25%} 26 27%option yylineno 28%option noinput 29%option nounput 30 31ws [ \t]+ 32comment #.*$ 33nl [\n\r] 34 35is_on [o|O][n|N] 36is_off [o|O][f|F][f|F] 37integer [0-9]+ 38signed_integer [\-\+][0-9]+ 39path \/[^\"\n ]* 40ip4_cidr \/[0-2]*[0-9]+ 41ip4_end [0-9]*[0-9]+ 42ip4_part [0-2]*{ip4_end} 43ip4 {ip4_part}\.{ip4_part}\.{ip4_part}\.{ip4_part}{ip4_cidr}? 44hex_255 [0-9a-fA-F]{1,4} 45ip6_cidr \/[0-1]*[0-9]*[0-9]+ 46ip6_part {hex_255}":"? 47ip6_form1 {ip6_part}{0,16}"::"{ip6_part}{0,16} 48ip6_form2 ({hex_255}":"){16}{hex_255} 49ip6 {ip6_form1}{ip6_cidr}?|{ip6_form2}{ip6_cidr}? 50string [a-zA-Z][a-zA-Z0-9\.\-]* 51persistent [P|p][E|e][R|r][S|s][I|i][S|s][T|t][E|e][N|n][T|T] 52nack [N|n][A|a][C|c][K|k] 53alarm [A|a][L|l][A|a][R|r][M|m] 54ftfw [F|f][T|t][F|f][W|w] 55notrack [N|n][O|o][T|t][R|r][A|a][C|c][K|k] 56 57%% 58"UNIX" { return T_UNIX; } 59"IPv4_address" { return T_IPV4_ADDR; } 60"IPv6_address" { return T_IPV6_ADDR; } 61"IPv4_Destination_Address" { return T_IPV4_DEST_ADDR; } 62"IPv6_Destination_Address" { return T_IPV6_DEST_ADDR; } 63"IPv4_interface" { return T_IPV4_IFACE; } 64"IPv6_interface" { return T_IPV6_IFACE; } 65"Interface" { return T_IFACE; } 66"Multicast" { return T_MULTICAST; } 67"UDP" { return T_UDP; } 68"TCP" { return T_TCP; } 69"HashSize" { return T_HASHSIZE; } 70"RefreshTime" { return T_REFRESH; } 71"CacheTimeout" { return T_EXPIRE; } 72"CommitTimeout" { return T_TIMEOUT; } 73"DelayDestroyMessages" { return T_DELAY; } 74"HashLimit" { return T_HASHLIMIT; } 75"Path" { return T_PATH; } 76"IgnoreProtocol" { return T_IGNORE_PROTOCOL; } 77"IgnoreTrafficFor" { return T_IGNORE_TRAFFIC; } 78"StripNAT" { return T_STRIP_NAT; } 79"Backlog" { return T_BACKLOG; } 80"Group" { return T_GROUP; } 81"Port" { return T_PORT; } 82"LogFile" { return T_LOG; } 83"Syslog" { return T_SYSLOG; } 84"LockFile" { return T_LOCK; } 85"General" { return T_GENERAL; } 86"Sync" { return T_SYNC; } 87"Stats" { return T_STATS; } 88"RelaxTransitions" { return T_RELAX_TRANSITIONS; } 89"SocketBufferSize" { return T_BUFFER_SIZE; /* alias */ } 90"SocketBufferSizeMaxGrown" { return T_BUFFER_SIZE_MAX_GROWN; /* alias */ } 91"SocketBufferSizeMaxGrowth" { return T_BUFFER_SIZE_MAX_GROWN; /* alias */ } 92"NetlinkBufferSize" { return T_BUFFER_SIZE; } 93"NetlinkBufferSizeMaxGrowth" { return T_BUFFER_SIZE_MAX_GROWN; } 94"Mode" { return T_SYNC_MODE; } 95"ListenTo" { return T_LISTEN_TO; } 96"Family" { return T_FAMILY; } 97"ResendBufferSize" { return T_RESEND_BUFFER_SIZE; } 98"ResendQueueSize" { return T_RESEND_QUEUE_SIZE; } 99"Checksum" { return T_CHECKSUM; } 100"ACKWindowSize" { return T_WINDOWSIZE; } 101"Replicate" { return T_REPLICATE; } 102"for" { return T_FOR; } 103"CacheWriteThrough" { return T_WRITE_THROUGH; } 104"SYN_SENT" { return T_SYN_SENT; } 105"SYN_RECV" { return T_SYN_RECV; } 106"ESTABLISHED" { return T_ESTABLISHED; } 107"FIN_WAIT" { return T_FIN_WAIT; } 108"CLOSE_WAIT" { return T_CLOSE_WAIT; } 109"LAST_ACK" { return T_LAST_ACK; } 110"TIME_WAIT" { return T_TIME_WAIT; } 111"CLOSE" { return T_CLOSE; /* alias of CLOSED */ } 112"CLOSED" { return T_CLOSE; } 113"LISTEN" { return T_LISTEN; } 114"LogFileBufferSize" { return T_STAT_BUFFER_SIZE; } 115"DestroyTimeout" { return T_DESTROY_TIMEOUT; } 116"McastSndSocketBuffer" { return T_SNDBUFF; /* deprecated */ } 117"McastRcvSocketBuffer" { return T_RCVBUFF; /* deprecated */ } 118"SndSocketBuffer" { return T_SNDBUFF; } 119"RcvSocketBuffer" { return T_RCVBUFF; } 120"Filter" { return T_FILTER; } 121"Protocol" { return T_PROTOCOL; } 122"Address" { return T_ADDRESS; } 123"State" { return T_STATE; } 124"Accept" { return T_ACCEPT; } 125"Ignore" { return T_IGNORE; } 126"PurgeTimeout" { return T_PURGE; } 127"From" { return T_FROM; } 128"Userspace" { return T_USERSPACE; } 129"Kernelspace" { return T_KERNELSPACE; } 130"EventIterationLimit" { return T_EVENT_ITER_LIMIT; } 131"Default" { return T_DEFAULT; } 132"PollSecs" { return T_POLL_SECS; } 133"NetlinkOverrunResync" { return T_NETLINK_OVERRUN_RESYNC; } 134"Nice" { return T_NICE; } 135"Scheduler" { return T_SCHEDULER; } 136"Type" { return T_TYPE; } 137"Priority" { return T_PRIO; } 138"NetlinkEventsReliable" { return T_NETLINK_EVENTS_RELIABLE; } 139"DisableInternalCache" { return T_DISABLE_INTERNAL_CACHE; } 140"DisableExternalCache" { return T_DISABLE_EXTERNAL_CACHE; } 141"Options" { return T_OPTIONS; } 142"TCPWindowTracking" { return T_TCP_WINDOW_TRACKING; } 143"ExpectationSync" { return T_EXPECT_SYNC; } 144"ErrorQueueLength" { return T_ERROR_QUEUE_LENGTH; } 145"Helper" { return T_HELPER; } 146"QueueNum" { return T_HELPER_QUEUE_NUM; } 147"QueueLen" { return T_HELPER_QUEUE_LEN; } 148"Policy" { return T_HELPER_POLICY; } 149"ExpectMax" { return T_HELPER_EXPECT_MAX; } 150"ExpectTimeout" { return T_HELPER_EXPECT_TIMEOUT; } 151 152{is_on} { return T_ON; } 153{is_off} { return T_OFF; } 154{integer} { yylval.val = atoi(yytext); return T_NUMBER; } 155{signed_integer} { yylval.val = atoi(yytext); return T_SIGNED_NUMBER; } 156{ip4} { yylval.string = strdup(yytext); return T_IP; } 157{ip6} { yylval.string = strdup(yytext); return T_IP; } 158{path} { yylval.string = strdup(yytext); return T_PATH_VAL; } 159{alarm} { return T_ALARM; } 160{persistent} { fprintf(stderr, "\nWARNING: Now `persistent' mode " 161 "is called `alarm'. Please, update " 162 "your conntrackd.conf file.\n"); 163 return T_ALARM; } 164{ftfw} { return T_FTFW; } 165{nack} { fprintf(stderr, "\nWARNING: Now `nack' mode " 166 "is called `ftfw'. Please, update " 167 "your conntrackd.conf file.\n"); 168 return T_FTFW; } 169{notrack} { return T_NOTRACK; } 170{string} { yylval.string = strdup(yytext); return T_STRING; } 171 172{comment} ; 173{ws} ; 174{nl} ; 175 176<<EOF>> { yyterminate(); } 177 178. { return yytext[0]; } 179 180%% 181 182int 183yywrap() 184{ 185 return 1; 186} 187