netfilter/
util.rs

1// Copyright 2024 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5use pest::iterators::Pair;
6
7use fidl_fuchsia_net as net;
8
9use crate::grammar::{Error, Rule};
10
11pub(crate) fn parse_invertible_subnet(pair: Pair<'_, Rule>) -> Result<(net::Subnet, bool), Error> {
12    assert_eq!(pair.as_rule(), Rule::invertible_subnet);
13    let mut inner = pair.into_inner();
14    let mut pair = inner.next().unwrap();
15    let invert_match = match pair.as_rule() {
16        Rule::not => {
17            pair = inner.next().unwrap();
18            true
19        }
20        Rule::subnet => false,
21        _ => unreachable!("invertible subnet must be either not or a subnet"),
22    };
23    let subnet = parse_subnet(pair)?;
24    Ok((subnet, invert_match))
25}
26
27pub(crate) fn parse_subnet(pair: Pair<'_, Rule>) -> Result<net::Subnet, Error> {
28    assert_eq!(pair.as_rule(), Rule::subnet);
29    let mut inner = pair.into_inner();
30    let addr = parse_ipaddr(inner.next().unwrap())?;
31    let prefix_len = parse_prefix_len(inner.next().unwrap())?;
32
33    Ok(net::Subnet { addr, prefix_len })
34}
35
36pub(crate) fn parse_ipaddr(pair: Pair<'_, Rule>) -> Result<net::IpAddress, Error> {
37    assert_eq!(pair.as_rule(), Rule::ipaddr);
38    let pair = pair.into_inner().next().unwrap();
39    let addr = pair.as_str().parse().map_err(Error::Addr)?;
40    match addr {
41        std::net::IpAddr::V4(ip4) => {
42            Ok(net::IpAddress::Ipv4(net::Ipv4Address { addr: ip4.octets() }))
43        }
44        std::net::IpAddr::V6(ip6) => {
45            Ok(net::IpAddress::Ipv6(net::Ipv6Address { addr: ip6.octets() }))
46        }
47    }
48}
49
50pub(crate) fn parse_prefix_len(pair: Pair<'_, Rule>) -> Result<u8, Error> {
51    assert_eq!(pair.as_rule(), Rule::prefix_len);
52    pair.as_str().parse::<u8>().map_err(Error::Num)
53}
54
55pub(crate) fn parse_port_num(pair: Pair<'_, Rule>) -> Result<u16, Error> {
56    pair.as_str().parse::<u16>().map_err(Error::Num)
57}
58
59pub(crate) fn ip_version_eq(left: &net::IpAddress, right: &net::IpAddress) -> bool {
60    match (left, right) {
61        (net::IpAddress::Ipv4(_), net::IpAddress::Ipv4(_))
62        | (net::IpAddress::Ipv6(_), net::IpAddress::Ipv6(_)) => true,
63        (net::IpAddress::Ipv4(_), net::IpAddress::Ipv6(_))
64        | (net::IpAddress::Ipv6(_), net::IpAddress::Ipv4(_)) => false,
65    }
66}