search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libsodium: updated to 1.0.10
[tomato.git] / release / src / router / iptables / iptables.xslt
blob4cf84191797597ecde08ac6b5973987db851ee31
1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!-- Converts from simple xml iptables format to iptables-save format
3 Copyright 2006 UfoMechanic
4 Author: azez@ufomechanic.net
5 This code is distributed and licensed under the terms of GNU GPL v2
6
7 This sample usage outputs roughly want goes in
8 iptables-save | iptables-xml -c | xsltproc iptables.xslt -
9 -->
10 <xsl:transform version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
11 <xsl:output method = "text" />
12 <xsl:strip-space elements="*" />
13
14 <!-- output conditions of a rule but not an action -->
15 <xsl:template match="iptables-rules/table/chain/rule/conditions/*">
16 <!-- <match> is the psuedo module when a match module doesn't need to be loaded
17 and when -m does not need to be inserted -->
18 <xsl:if test="name() != 'match'">
19 <xsl:text> -m </xsl:text><xsl:value-of select="name()"/>
20 </xsl:if>
21 <xsl:apply-templates select="node()"/>
22 </xsl:template>
23
24 <!-- delete the actions or conditions containers, and process child nodes -->
25 <xsl:template match="iptables-rules/table/chain/rule/actions|table/chain/rule/conditions">
26 <xsl:apply-templates select="*"/>
27 </xsl:template>
28
29 <xsl:template match="iptables-rules/table/chain/rule/actions/goto">
30 <xsl:text> -g </xsl:text>
31 <xsl:apply-templates select="*"/>
32 <xsl:text>&#xA;</xsl:text>
33 </xsl:template>
34 <xsl:template match="iptables-rules/table/chain/rule/actions/call">
35 <xsl:text> -j </xsl:text>
36 <xsl:apply-templates select="*"/>
37 <xsl:text>&#xA;</xsl:text>
38 </xsl:template>
39 <!-- all other actions are module actions -->
40 <xsl:template match="iptables-rules/table/chain/rule/actions/*">
41 <xsl:text> -j </xsl:text><xsl:value-of select="name()"/>
42 <xsl:apply-templates select="*"/>
43 <xsl:text>&#xA;</xsl:text>
44 </xsl:template>
45
46 <!-- all child action nodes -->
47 <xsl:template match="iptables-rules/table/chain/rule/actions/*/*|iptables-rules/table/chain/rule/actions/*//*|iptables-rules/table/chain/rule/conditions/*/*|iptables-rules/table/chain/rule/conditions/*//*">
48 <xsl:if test="@invert=1"><xsl:text> !</xsl:text></xsl:if>
49 <xsl:text> -</xsl:text>
50 <!-- if length of name is 1 character, then only do 1 - not 2 -->
51 <xsl:if test="string-length(name())&gt;1">
52 <xsl:text>-</xsl:text>
53 </xsl:if>
54 <xsl:value-of select="name()"/>
55 <xsl:text> </xsl:text><xsl:value-of select="."/>
56 </xsl:template>
57
58 <xsl:template match="iptables-rules/table/chain/rule/actions/call/*|iptables-rules/table/chain/rule/actions/goto/*">
59 <xsl:value-of select="name()"/>
60 <!-- I bet there are no child nodes, should we risk it? -->
61 <xsl:apply-templates select="node()"/>
62 </xsl:template>
63
64 <!-- output the head of the rule, and any conditions -->
65 <xsl:template name="rule-head">
66 <xsl:if test="string-length(@packet-count)+string-length(@byte-count)">
67 <xsl:call-template name="counters"><xsl:with-param name="node" select="."/></xsl:call-template>
68 <xsl:text> </xsl:text>
69 </xsl:if>
70 <xsl:text>-A </xsl:text><!-- a rule must be under a chain -->
71 <xsl:value-of select="../@name" />
72 <xsl:apply-templates select="conditions"/>
73 </xsl:template>
74
75 <!-- Output a single rule, perhaps as multiple rules if we have more than one action -->
76 <xsl:template match="iptables-rules/table/chain/rule">
77 <xsl:choose>
78 <xsl:when test="count(actions/*)&gt;0">
79 <xsl:for-each select="actions/*">
80 <!-- and a for-each to re-select the rule as the current node, to write the rule-head -->
81 <xsl:for-each select="../..">
82 <xsl:call-template name="rule-head"/>
83 </xsl:for-each>
84 <!-- now write the this action -->
85 <xsl:apply-templates select="."/>
86 </xsl:for-each>
87 </xsl:when>
88 <xsl:otherwise>
89 <!-- no need to loop if there are no actions, just output conditions -->
90 <xsl:call-template name="rule-head"/>
91 <xsl:text>&#xA;</xsl:text>
92 </xsl:otherwise>
93 </xsl:choose>
94 </xsl:template>
95
96 <xsl:template match="iptables-rules/table">
97 <xsl:text># Generated by iptables.xslt&#xA;</xsl:text>
98 <xsl:text>*</xsl:text><xsl:value-of select="@name"/><xsl:text>&#xA;</xsl:text>
99 <!-- Loop through each chain and output the chain header -->
100 <xsl:for-each select="chain">
101 <xsl:text>:</xsl:text>
102 <xsl:value-of select="@name"/>
103 <xsl:text> </xsl:text>
104 <xsl:choose>
105 <xsl:when test="not(string-length(@policy))"><xsl:text>-</xsl:text></xsl:when>
106 <xsl:otherwise><xsl:value-of select="@policy"/></xsl:otherwise>
107 </xsl:choose>
108 <xsl:text> </xsl:text>
109 <xsl:call-template name="counters"><xsl:with-param name="node" select="."/></xsl:call-template>
110 <xsl:text>&#xA;</xsl:text>
111 </xsl:for-each>
112 <!-- Loop through each chain and output the rules -->
113 <xsl:apply-templates select="node()"/>
114 <xsl:text>COMMIT&#xA;# Completed&#xA;</xsl:text>
115 </xsl:template>
116
117 <xsl:template name="counters">
118 <xsl:param name="$node"/>
119 <xsl:text>[</xsl:text>
120 <xsl:if test="string-length($node/@packet-count)"><xsl:value-of select="$node/@packet-count"/></xsl:if>
121 <xsl:if test="string-length($node/@packet-count)=0">0</xsl:if>
122 <xsl:text>:</xsl:text>
123 <xsl:if test="string-length($node/@byte-count)"><xsl:value-of select="$node/@byte-count"/></xsl:if>
124 <xsl:if test="string-length($node/@byte-count)=0">0</xsl:if>
125 <xsl:text>]</xsl:text>
126 </xsl:template>
127
128 <!-- the bit that automatically recurses for us, NOTE: we use * not node(), we don't want to copy every white space text -->
129 <xsl:template match="@*|node()">
130 <xsl:copy>
131 <!-- with libxslt xsltproc we can't do @*|node() or the nodes may get processed before the attributes -->
132 <xsl:apply-templates select="@*"/>
133 <xsl:apply-templates select="node()"/>
134 </xsl:copy>
135 </xsl:template>
136
137 </xsl:transform>
Tomato firmware and modifications.