$context->isAPI = true; } $doActions[] = $context; } // // --------- // // create a RQuery if a filter was provided // /** * @var RQuery $objectFilterRQuery */ $objectFilterRQuery = null; if ($rulesFilter !== null) { $objectFilterRQuery = new RQuery('rule'); $res = $objectFilterRQuery->parseFromString($rulesFilter, $errorMessage); if ($res === false) { fwrite(STDERR, "\n\n**ERROR** Rule filter parser: " . $errorMessage . "\n\n"); exit(1); } print " - Rule filter after sanitization: "; $objectFilterRQuery->display(); print "\n"; } // -------------------- // // load the config // print " - Loading configuration through PAN-Configurator library... "; $pan->load_from_domxml($xmlDoc); print "OK!\n";
/** * @param string $text * @param string $errorMessage * @return bool|int FALSE if an error occured (see $errorMessage content) */ public function parseFromString($text, &$errorMessage) { $supportedFilters =& self::$defaultFilters[$this->objectType]; $len = strlen($text); $start = 0; $previousClose = 0; $end = $len - 1; $findOpen = strpos($text, '(', $start); $findClose = strpos($text, ')', $start); //print $this->padded."Parsing \"$text\"\n"; while ($findOpen !== FALSE && $findClose > $findOpen) { $newQuery = new RQuery($this->objectType, $this->level + 1); $this->subQueries[] = $newQuery; $res = $newQuery->parseFromString(substr($text, $findOpen + 1), $errorMessage, $supportedFilters); if ($res === false) { return false; } if ($findOpen != 0 && $text[$findOpen - 1] == '!') { $newQuery->inverted = true; } if (count($this->subQueries) > 1) { if ($newQuery->inverted) { $operator = substr($text, $previousClose + 1, $findOpen - $previousClose - 2); } else { $operator = substr($text, $previousClose + 1, $findOpen - $previousClose - 1); } $operator = self::extractOperatorFromString($operator, $errorMessage); if ($operator === false) { return false; } $this->subQueriesOperators[] = $operator; ////print $this->padded."raw operator found: '$operator'\n"; } $previousClose = $findOpen + $res; //print $this->padded.'remains to be parsed after subQ extracted: '.substr($text,$previousClose+1)."\n"; $start = $findOpen + $res + 1; $findOpen = strpos($text, '(', $start); $findClose = strpos($text, ')', $start); } if ($this->level != 0) { $findClose = strpos($text, ')', $previousClose + 1); if ($findClose === false) { $errorMessage = 'cannot find closing )'; //print $this->padded."test\n"; return false; } elseif (count($this->subQueries) == 0) { $this->text = substr($text, 0, $findClose); if (!$this->extractWordsFromText($this->text, $supportedFilters, $errorMessage)) { return false; } return $findClose + 1; } return $findClose + 1; } // here we are at top level if (count($this->subQueries) == 0) { //print $this->padded."No subquery found, this is an expression: $text\n"; $this->text = $text; if (!$this->extractWordsFromText($this->text, $supportedFilters, $errorMessage)) { return false; } } else { //print $this->padded . "Sub-queries found\n"; //$this->text = $text; } return 1; }
} unset($xpathResult); if ($configType == 'panos') { $pan = new PANConf(); } else { $pan = new PanoramaConf(); } print " - Detected platform type is '{$configType}'\n"; if ($configInput['type'] == 'api') { $pan->connector = $configInput['connector']; } $errorMessage = ''; $filterQuery = null; if (isset(PH::$args['filter'])) { $filterQuery = new RQuery('rule'); if (!$filterQuery->parseFromString(PH::$args['filter'], $errorMessage)) { derr($errorMessage); } print " - rule filter after sanitizing : "; $filterQuery->display(); } // // load the config // print " - loading config... "; $pan->load_from_domxml($xmlDoc); print "OK!\n"; // </editor-fold> // // Location provided in CLI ? //
/** * Returns an Array with all Rules inside this store * @param null|string $withFilter * @return SecurityRule[]|NatRule[] */ public function &rules($withFilter = null) { $query = null; if ($withFilter !== null && $withFilter != '') { $errMesg = ''; $query = new RQuery('rule'); if ($query->parseFromString($withFilter, $errMsg) === false) { derr("error while parsing query: {$errMesg}"); } $res = array(); foreach ($this->rules as $rule) { if ($query->matchSingleObject($rule)) { $res[] = $rule; } } if ($this->isPreOrPost) { foreach ($this->postRules as $rule) { if ($query->matchSingleObject($rule)) { $res[] = $rule; } } } return $res; } if (!$this->isPreOrPost) { $res = $this->rules; return $res; } $res = array_merge($this->rules, $this->postRules); return $res; }