本文整理汇总了C++中PolicyRule::setAction方法的典型用法代码示例。如果您正苦于以下问题:C++ PolicyRule::setAction方法的具体用法?C++ PolicyRule::setAction怎么用?C++ PolicyRule::setAction使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类PolicyRule的用法示例。
在下文中一共展示了PolicyRule::setAction方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: while
void PolicyCompiler_ipf::optimize1::optimizeForRuleElement(PolicyRule *rule,
const std::string &re_type)
{
RuleElement *re=RuleElement::cast(rule->getFirstByType(re_type));
PolicyRule *r;
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
/* duplicate copies everything, including attribute
* "skip_label". That's why I set skip_label after I create a copy of the rule
*/
string skip_target = FWObjectDatabase::getStringId(rule->getId());
while (skip_targets[skip_target]) skip_target+=".A";
skip_targets[skip_target]=true;
// just need a unique label, and ID is unique
rule->setStr("skip_label", skip_target);
for (FWObject::iterator i=r->begin(); i!=r->end(); ++i)
{
if (RuleElement::cast(*i)!=nullptr && (*i)->getTypeName()!=re_type)
{
RuleElement *nre=RuleElement::cast(*i);
nre->clearChildren();
nre->setAnyElement();
}
}
r->setAction(PolicyRule::Skip);
r->setBool("quick",false);
r->setStr("skip_to",skip_target);
tmp_queue.push_back(r);
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
RuleElement *re1;
re1=r->getSrc(); re1->clearChildren(); re1->setAnyElement();
re1=r->getDst(); re1->clearChildren(); re1->setAnyElement();
re1=r->getSrv(); re1->clearChildren(); re1->setAnyElement();
r->setAction(PolicyRule::Continue);
r->setStr("skip_label","");
tmp_queue.push_back(r);
re->clearChildren();
re->setAnyElement();
/* rules that we have inserted above 'rule' will skip over it. We should
* not drop them when we eliminate duplicates */
rule->setBool("skip_check_for_duplicates",true);
tmp_queue.push_back(rule);
}示例2: if
bool PolicyCompiler_pf::ProcessScrubOption::processNext()
{
PolicyRule *rule=getNext(); if (rule==NULL) return false;
FWOptions *ruleopt =rule->getOptionsObject();
if ( ruleopt->getBool("scrub") ) {
if (rule->getAction()!=PolicyRule::Accept) {
ruleopt->setBool("scrub",false);
tmp_queue.push_back(rule);
compiler->abort(rule,
"Rule option 'scrub' is supported only for rules "
"with action 'Accept'");
return true;
}
PolicyRule *r = compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
r->setAction(PolicyRule::Scrub);
r->getOptionsObject()->setBool("scrub",false);
tmp_queue.push_back(r);
ruleopt->setBool("scrub",false);
tmp_queue.push_back(rule);
return true;
}
/* if service is ip_fragment and action is 'Deny', then add rule with scrub */
Service *srv=compiler->getFirstSrv(rule); assert(srv);
if ( (srv->getBool("short_fragm") || srv->getBool("fragm")) &&
( rule->getAction()==PolicyRule::Deny || rule->getAction()==PolicyRule::Reject) ) {
PolicyRule *r = compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
r->setAction(PolicyRule::Scrub);
r->getOptionsObject()->setBool("scrub",false);
tmp_queue.push_back(r);
return true;
}
tmp_queue.push_back(rule);
return true;
}示例3: pushRule
void Importer::pushRule()
{
assert(current_ruleset!=NULL);
assert(current_rule!=NULL);
// populate all elements of the rule
PolicyRule *rule = PolicyRule::cast(current_rule);
FWOptions *ropt = current_rule->getOptionsObject();
assert(ropt!=NULL);
if (action=="permit")
{
rule->setAction(PolicyRule::Accept);
ropt->setBool("stateless", false);
}
if (action=="deny")
{
rule->setAction(PolicyRule::Deny);
ropt->setBool("stateless", true);
}
rule->setDirection(PolicyRule::Both);
addSrc();
addDst();
addSrv();
addLogging();
// then add it to the current ruleset
current_ruleset->ruleset->add(current_rule);
if (error_tracker->hasWarnings())
{
QStringList warn = error_tracker->getWarnings();
// parser errors and warnings are added to the log by
// PFCfgParser::reportError() and PFCfgParser::reportWarning()
// so we dont need to add them again here
foreach(QString w, warn)
{
if (!w.startsWith("Parser warning:")) addMessageToLog("Warning: " + w);
}
markCurrentRuleBad();
}示例4: if
bool PolicyCompiler_ipf::doDstNegation::processNext()
{
PolicyRule *rule=getNext(); if (rule==NULL) return false;
RuleElementDst *dst=rule->getDst();
if (dst->getNeg()) {
RuleElementDst *ndst;
PolicyRule *r;
FWOptions *ruleopt;
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
r->setAction(PolicyRule::Continue);
r->setLogging(false);
ndst=r->getDst();
ndst->setNeg(false);
r->setBool("quick",false);
r->setBool("skip_check_for_duplicates",true);
ruleopt = r->getOptionsObject();
ruleopt->setBool("stateless", true);
tmp_queue.push_back(r);
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
ndst=r->getDst();
ndst->setNeg(false);
ndst->clearChildren();
ndst->setAnyElement();
r->setBool("quick",true);
r->setBool("skip_check_for_duplicates",true);
tmp_queue.push_back(r);
return true;
}
tmp_queue.push_back(rule);
return true;
}示例5: slurp
bool PolicyCompiler_ipf::calculateSkip::processNext()
{
// PolicyRule *rule;
slurp();
if (tmp_queue.size()==0) return false;
/*
* first, we scan all rules and build a hash that maps attribute
* "skip_label" to rule number. Attribute "skip_label" is set in
* optimize1, after which we could have split some rules, so this
* attrbiute may not be unique. We want to skip to the first rule
* marked with the same skip label if there are few with the same
* label. The simplest way to find the first one with the same label
* is to scan rules in reverse order, that is from the bottom up.
*/
int N=tmp_queue.size()-1; // The last rule number is N
for (deque<Rule*>::reverse_iterator k=tmp_queue.rbegin(); k!=tmp_queue.rend(); ++k)
{
PolicyRule *r = PolicyRule::cast( *k );
if (!r->getStr("skip_label").empty()) allrules[r->getStr("skip_label")]=N;
r->setInt("rule_num",N);
N--;
}
for (deque<Rule*>::iterator k=tmp_queue.begin(); k!=tmp_queue.end(); ++k)
{
PolicyRule *r = PolicyRule::cast( *k );
string rl=r->getLabel();
int current_position=r->getPosition();
if (r->getAction()==PolicyRule::Skip)
{
assert(!r->getStr("skip_to").empty());
int to=allrules[r->getStr("skip_to")];
int n =r->getInt("rule_num");
r->setInt("no_to_skip",to-n-1);
}
/* Action 'Continue' means we need to jump to the next rule in the
* GUI. We scan rules down from the current one, looking for the first
* rule that corresponds to the next rule in the GUI.
*/
if (r->getAction()==PolicyRule::Continue)
{
r->setAction(PolicyRule::Skip);
r->setBool("quick",false);
deque<Rule*>::iterator j=k;
++j;
int n=0;
for ( ; j!=tmp_queue.end(); ++j)
{
PolicyRule *r2 = PolicyRule::cast( *j );
if (r2->getPosition()!=current_position) break;
/* 'skip' only skips rules with the same setting of 'in' or 'out',
* that is the same direction
*/
if (r2->getDirection()==r->getDirection()) ++n;
}
r->setInt("no_to_skip",n);
}
}
return true;
}